564 строки
18 KiB
JSON
564 строки
18 KiB
JSON
[
|
|
{
|
|
"TenantId": "a131321e-a763-4026-8439-5326aadafd82",
|
|
"SourceSystem": "OpsManager",
|
|
"TimeGenerated [UTC]": "11/27/2020, 10:09:35.587 PM",
|
|
"ReceiptTime": "Nov 19, 2014 18:21:13 IST",
|
|
"DeviceVendor": "Aruba Networks",
|
|
"DeviceProduct": "ClearPass",
|
|
"DeviceEventClassID": "13-1-0",
|
|
"LogSeverity": "5",
|
|
"OriginalLogSeverity": "",
|
|
"DeviceAction": "ADD",
|
|
"SimplifiedDeviceAction": "ADD",
|
|
"Computer": "",
|
|
"CommunicationDirection": "",
|
|
"DeviceFacility": "",
|
|
"DestinationPort": "",
|
|
"DestinationIP": "",
|
|
"DeviceAddress": "",
|
|
"DeviceName": "",
|
|
"Message": "",
|
|
"Protocol": "",
|
|
"SourcePort": "",
|
|
"SourceIP": "Test Role 10",
|
|
"RemoteIP": "",
|
|
"RemotePort": "",
|
|
"MaliciousIP": "",
|
|
"ThreatSeverity": "",
|
|
"IndicatorThreatType": "",
|
|
"ThreatDescription": "",
|
|
"ThreatConfidence": "",
|
|
"ReportReferenceLink": "",
|
|
"MaliciousIPLongitude": "",
|
|
"MaliciousIPLatitude": "",
|
|
"MaliciousIPCountry": "",
|
|
"DeviceVersion": "6.5.0.68754",
|
|
"Activity": "Audit Records",
|
|
"ApplicationProtocol": "",
|
|
"EventCount": "",
|
|
"DestinationDnsDomain": "",
|
|
"DestinationServiceName": "",
|
|
"DestinationTranslatedAddress": "",
|
|
"DestinationTranslatedPort": "",
|
|
"DeviceDnsDomain": "",
|
|
"DeviceExternalID": "",
|
|
"DeviceInboundInterface": "",
|
|
"DeviceNtDomain": "",
|
|
"DeviceOutboundInterface": "",
|
|
"DevicePayloadId": "",
|
|
"ProcessName": "",
|
|
"DeviceTranslatedAddress": "",
|
|
"DestinationHostName": "",
|
|
"DestinationMACAddress": "",
|
|
"DestinationNTDomain": "",
|
|
"DestinationProcessId": "",
|
|
"DestinationUserPrivileges": "",
|
|
"DestinationProcessName": "",
|
|
"DeviceTimeZone": "",
|
|
"DestinationUserID": "",
|
|
"DestinationUserName": "",
|
|
"DeviceMacAddress": "",
|
|
"ProcessID": "",
|
|
"ExternalID": "",
|
|
"FileCreateTime": "",
|
|
"FileHash": "",
|
|
"FileID": "",
|
|
"FileModificationTime": "",
|
|
"FilePath": "",
|
|
"FilePermission": "",
|
|
"FileType": "",
|
|
"FileName": "",
|
|
"FileSize": "",
|
|
"ReceivedBytes": "",
|
|
"OldFileCreateTime": "",
|
|
"OldFileHash": "",
|
|
"OldFileID": "",
|
|
"OldFileModificationTime": "",
|
|
"OldFileName": "",
|
|
"OldFilePath": "",
|
|
"OldFilePermission": "",
|
|
"OldFileSize": "",
|
|
"OldFileType": "",
|
|
"SentBytes": "",
|
|
"RequestURL": "",
|
|
"RequestClientApplication": "",
|
|
"RequestContext": "",
|
|
"RequestCookies": "",
|
|
"RequestMethod": "",
|
|
"SourceHostName": "",
|
|
"SourceMACAddress": "",
|
|
"SourceNTDomain": "",
|
|
"SourceDnsDomain": "",
|
|
"SourceServiceName": "",
|
|
"SourceTranslatedAddress": "",
|
|
"SourceTranslatedPort": "",
|
|
"SourceProcessId": "",
|
|
"SourceUserPrivileges": "",
|
|
"SourceProcessName": "",
|
|
"SourceUserID": "",
|
|
"SourceUserName": "",
|
|
"EventType": "",
|
|
"DeviceCustomIPv6Address1": "",
|
|
"DeviceCustomIPv6Address1Label": "",
|
|
"DeviceCustomIPv6Address2": "",
|
|
"DeviceCustomIPv6Address2Label": "",
|
|
"DeviceCustomIPv6Address3": "",
|
|
"DeviceCustomIPv6Address3Label": "",
|
|
"DeviceCustomIPv6Address4": "",
|
|
"DeviceCustomIPv6Address4Label": "",
|
|
"DeviceCustomFloatingPoint1": "",
|
|
"DeviceCustomFloatingPoint1Label": "",
|
|
"DeviceCustomFloatingPoint2": "",
|
|
"DeviceCustomFloatingPoint2Label": "",
|
|
"DeviceCustomFloatingPoint3": "",
|
|
"DeviceCustomFloatingPoint3Label": "",
|
|
"DeviceCustomFloatingPoint4": "",
|
|
"DeviceCustomFloatingPoint4Label": "",
|
|
"DeviceCustomNumber1": "",
|
|
"DeviceCustomNumber1Label": "",
|
|
"DeviceCustomNumber2": "",
|
|
"DeviceCustomNumber2Label": "",
|
|
"DeviceCustomNumber3": "",
|
|
"DeviceCustomNumber3Label": "",
|
|
"DeviceCustomString1": "",
|
|
"DeviceCustomString1Label": "",
|
|
"DeviceCustomString2": "",
|
|
"DeviceCustomString2Label": "",
|
|
"DeviceCustomString3": "",
|
|
"DeviceCustomString3Label": "",
|
|
"DeviceCustomString4": "",
|
|
"DeviceCustomString4Label": "",
|
|
"DeviceCustomString5": "",
|
|
"DeviceCustomString5Label": "",
|
|
"DeviceCustomString6": "",
|
|
"DeviceCustomString6Label": "",
|
|
"DeviceCustomDate1": "",
|
|
"DeviceCustomDate1Label": "",
|
|
"DeviceCustomDate2": "",
|
|
"DeviceCustomDate2Label": "",
|
|
"FlexDate1": "",
|
|
"FlexDate1Label": "",
|
|
"FlexNumber1": "",
|
|
"FlexNumber1Label": "",
|
|
"FlexNumber2": "",
|
|
"FlexNumber2Label": "",
|
|
"FlexString1": "",
|
|
"FlexString1Label": "",
|
|
"FlexString2": "",
|
|
"FlexString2Label": "",
|
|
"AdditionalExtensions": "cat=Role;timeFormat=MMM dd yyyy HH:mm:ss.SSS zzz;usrName=admin",
|
|
"StartTime [UTC]": "",
|
|
"EndTime [UTC]": "",
|
|
"Type": "CommonSecurityLog",
|
|
"_ResourceId": "/subscriptions/7fd67ca4-e443-470d-9bc0-7ce7fa3124fb/resourcegroups/m90-logingestion-rg/providers/microsoft.compute/virtualmachines/m90-siem-vm02",
|
|
"Timestamp": "",
|
|
"CallingStationId": "",
|
|
"InpuOctets": "",
|
|
"TimestampFormat": "MMM dd yyyy HH:mm:ss.SSS zzz",
|
|
"SessionTime": "",
|
|
"FramedIpAddr": "",
|
|
"Source": "",
|
|
"Method": "",
|
|
"SessionId": "",
|
|
"ServiceName": "",
|
|
"NasPortNumber": "",
|
|
"NasPortType": "",
|
|
"OutputOctets": "",
|
|
"UserName": "",
|
|
"NasIpAddr": "",
|
|
"AuthorizationSources": "",
|
|
"NetworkProtocol": "",
|
|
"RequestTimestamp": "",
|
|
"LoginStatus": "",
|
|
"EnforcementProfiles": "",
|
|
"NasPort": "",
|
|
"Ssid": "",
|
|
"ErrorCode": "",
|
|
"Roles": "",
|
|
"Service": "",
|
|
"SrcMacAddr": "",
|
|
"Unhealthy": "",
|
|
"CalledStationId": "",
|
|
"NasIdentifier": "",
|
|
"Category": "Role",
|
|
"Description": "",
|
|
"Action": "",
|
|
"TimeFormat": ""
|
|
},
|
|
{
|
|
"TenantId": "a131321e-a763-4026-8439-5326aadafd82",
|
|
"SourceSystem": "OpsManager",
|
|
"TimeGenerated [UTC]": "11/27/2020, 11:13:29.627 PM",
|
|
"ReceiptTime": "",
|
|
"DeviceVendor": "Aruba Networks",
|
|
"DeviceProduct": "ClearPass",
|
|
"DeviceEventClassID": "1604-1-0",
|
|
"LogSeverity": "0",
|
|
"OriginalLogSeverity": "",
|
|
"DeviceAction": "",
|
|
"SimplifiedDeviceAction": "",
|
|
"Computer": "",
|
|
"CommunicationDirection": "",
|
|
"DeviceFacility": "",
|
|
"DestinationPort": "",
|
|
"DestinationIP": "",
|
|
"DeviceAddress": "",
|
|
"DeviceName": "",
|
|
"Message": "",
|
|
"Protocol": "",
|
|
"SourcePort": "",
|
|
"SourceIP": "",
|
|
"RemoteIP": "",
|
|
"RemotePort": "",
|
|
"MaliciousIP": "",
|
|
"ThreatSeverity": "",
|
|
"IndicatorThreatType": "",
|
|
"ThreatDescription": "",
|
|
"ThreatConfidence": "",
|
|
"ReportReferenceLink": "",
|
|
"MaliciousIPLongitude": "",
|
|
"MaliciousIPLatitude": "",
|
|
"MaliciousIPCountry": "",
|
|
"DeviceVersion": "6.5.0.68878",
|
|
"Activity": "Session Logs",
|
|
"ApplicationProtocol": "",
|
|
"EventCount": "",
|
|
"DestinationDnsDomain": "",
|
|
"DestinationServiceName": "",
|
|
"DestinationTranslatedAddress": "",
|
|
"DestinationTranslatedPort": "",
|
|
"DeviceDnsDomain": "",
|
|
"DeviceExternalID": "",
|
|
"DeviceInboundInterface": "",
|
|
"DeviceNtDomain": "",
|
|
"DeviceOutboundInterface": "",
|
|
"DevicePayloadId": "",
|
|
"ProcessName": "",
|
|
"DeviceTranslatedAddress": "",
|
|
"DestinationHostName": "",
|
|
"DestinationMACAddress": "",
|
|
"DestinationNTDomain": "",
|
|
"DestinationProcessId": "",
|
|
"DestinationUserPrivileges": "",
|
|
"DestinationProcessName": "",
|
|
"DeviceTimeZone": "",
|
|
"DestinationUserID": "",
|
|
"DestinationUserName": "",
|
|
"DeviceMacAddress": "",
|
|
"ProcessID": "",
|
|
"ExternalID": "",
|
|
"FileCreateTime": "",
|
|
"FileHash": "",
|
|
"FileID": "",
|
|
"FileModificationTime": "",
|
|
"FilePath": "",
|
|
"FilePermission": "",
|
|
"FileType": "",
|
|
"FileName": "",
|
|
"FileSize": "",
|
|
"ReceivedBytes": "",
|
|
"OldFileCreateTime": "",
|
|
"OldFileHash": "",
|
|
"OldFileID": "",
|
|
"OldFileModificationTime": "",
|
|
"OldFileName": "",
|
|
"OldFilePath": "",
|
|
"OldFilePermission": "",
|
|
"OldFileSize": "",
|
|
"OldFileType": "",
|
|
"SentBytes": "",
|
|
"RequestURL": "",
|
|
"RequestClientApplication": "",
|
|
"RequestContext": "",
|
|
"RequestCookies": "",
|
|
"RequestMethod": "",
|
|
"SourceHostName": "",
|
|
"SourceMACAddress": "",
|
|
"SourceNTDomain": "",
|
|
"SourceDnsDomain": "",
|
|
"SourceServiceName": "",
|
|
"SourceTranslatedAddress": "",
|
|
"SourceTranslatedPort": "",
|
|
"SourceProcessId": "",
|
|
"SourceUserPrivileges": "",
|
|
"SourceProcessName": "",
|
|
"SourceUserID": "",
|
|
"SourceUserName": "",
|
|
"EventType": "",
|
|
"DeviceCustomIPv6Address1": "",
|
|
"DeviceCustomIPv6Address1Label": "",
|
|
"DeviceCustomIPv6Address2": "",
|
|
"DeviceCustomIPv6Address2Label": "",
|
|
"DeviceCustomIPv6Address3": "",
|
|
"DeviceCustomIPv6Address3Label": "",
|
|
"DeviceCustomIPv6Address4": "",
|
|
"DeviceCustomIPv6Address4Label": "",
|
|
"DeviceCustomFloatingPoint1": "",
|
|
"DeviceCustomFloatingPoint1Label": "",
|
|
"DeviceCustomFloatingPoint2": "",
|
|
"DeviceCustomFloatingPoint2Label": "",
|
|
"DeviceCustomFloatingPoint3": "",
|
|
"DeviceCustomFloatingPoint3Label": "",
|
|
"DeviceCustomFloatingPoint4": "",
|
|
"DeviceCustomFloatingPoint4Label": "",
|
|
"DeviceCustomNumber1": "",
|
|
"DeviceCustomNumber1Label": "",
|
|
"DeviceCustomNumber2": "",
|
|
"DeviceCustomNumber2Label": "",
|
|
"DeviceCustomNumber3": "",
|
|
"DeviceCustomNumber3Label": "",
|
|
"DeviceCustomString1": "",
|
|
"DeviceCustomString1Label": "",
|
|
"DeviceCustomString2": "",
|
|
"DeviceCustomString2Label": "",
|
|
"DeviceCustomString3": "",
|
|
"DeviceCustomString3Label": "",
|
|
"DeviceCustomString4": "",
|
|
"DeviceCustomString4Label": "",
|
|
"DeviceCustomString5": "",
|
|
"DeviceCustomString5Label": "",
|
|
"DeviceCustomString6": "",
|
|
"DeviceCustomString6Label": "",
|
|
"DeviceCustomDate1": "",
|
|
"DeviceCustomDate1Label": "",
|
|
"DeviceCustomDate2": "",
|
|
"DeviceCustomDate2Label": "",
|
|
"FlexDate1": "",
|
|
"FlexDate1Label": "",
|
|
"FlexNumber1": "",
|
|
"FlexNumber1Label": "",
|
|
"FlexNumber2": "",
|
|
"FlexNumber2Label": "",
|
|
"FlexString1": "",
|
|
"FlexString1Label": "",
|
|
"FlexString2": "",
|
|
"FlexString2Label": "",
|
|
"AdditionalExtensions": "RADIUS.Acct-Calling-Station-Id=00:32:b6:2c:28:95;RADIUS.Acct-Framed-IP-Address=192.167.230.129;RADIUS.Auth-Source=AD:10.17.4.130;RADIUS.Acct-Timestamp=2014-12-01 15:26:43+05:30;RADIUS.Auth-Method=PAP;RADIUS.Acct-Service-Name=Authenticate-Only;RADIUS.Acct-Session-Time=3155;TimestampFormat=MMM dd yyyy HH:mm:ss.SSS zzz;RADIUS.Acct-NAS-Port=0;RADIUS.Acct-Session-Id=R00001316-01-547c3b5a;RADIUS.Acct-NAS-Port-Type=Wireless-802.11;RADIUS.Acct-Output-Octets=578470212;RADIUS.Acct-Username=A_user2;RADIUS.Acct-NAS-IP-Address=10.17.6.124;RADIUS.Acct-Input-Octets=786315664",
|
|
"StartTime [UTC]": "",
|
|
"EndTime [UTC]": "",
|
|
"Type": "CommonSecurityLog",
|
|
"_ResourceId": "/subscriptions/7fd67ca4-e443-470d-9bc0-7ce7fa3124fb/resourcegroups/m90-logingestion-rg/providers/microsoft.compute/virtualmachines/m90-siem-vm02",
|
|
"Timestamp": "2014-12-01 15:26:43+05:30",
|
|
"CallingStationId": "00:32:b6:2c:28:95",
|
|
"InpuOctets": "",
|
|
"TimestampFormat": "MMM dd yyyy HH:mm:ss.SSS zzz",
|
|
"SessionTime": "3155",
|
|
"FramedIpAddr": "192.167.230.129",
|
|
"Source": "AD:10.17.4.130",
|
|
"Method": "PAP",
|
|
"SessionId": "R00001316-01-547c3b5a",
|
|
"ServiceName": "Authenticate-Only",
|
|
"NasPortNumber": "0",
|
|
"NasPortType": "Wireless-802.11",
|
|
"OutputOctets": "578470212",
|
|
"UserName": "A_user2",
|
|
"NasIpAddr": "10.17.6.124",
|
|
"AuthorizationSources": "",
|
|
"NetworkProtocol": "",
|
|
"RequestTimestamp": "",
|
|
"LoginStatus": "",
|
|
"EnforcementProfiles": "",
|
|
"NasPort": "",
|
|
"Ssid": "",
|
|
"ErrorCode": "",
|
|
"Roles": "",
|
|
"Service": "",
|
|
"SrcMacAddr": "",
|
|
"Unhealthy": "",
|
|
"CalledStationId": "",
|
|
"NasIdentifier": "",
|
|
"Category": "",
|
|
"Description": "",
|
|
"Action": "",
|
|
"TimeFormat": ""
|
|
},
|
|
{
|
|
"TenantId": "a131321e-a763-4026-8439-5326aadafd82",
|
|
"SourceSystem": "OpsManager",
|
|
"TimeGenerated [UTC]": "11/27/2020, 10:01:06.239 PM",
|
|
"ReceiptTime": "",
|
|
"DeviceVendor": "Aruba Networks",
|
|
"DeviceProduct": "ClearPass",
|
|
"DeviceEventClassID": "0-1-0",
|
|
"LogSeverity": "0",
|
|
"OriginalLogSeverity": "",
|
|
"DeviceAction": "",
|
|
"SimplifiedDeviceAction": "",
|
|
"Computer": "",
|
|
"CommunicationDirection": "",
|
|
"DeviceFacility": "",
|
|
"DestinationPort": "",
|
|
"DestinationIP": "",
|
|
"DeviceAddress": "",
|
|
"DeviceName": "",
|
|
"Message": "",
|
|
"Protocol": "",
|
|
"SourcePort": "",
|
|
"SourceIP": "10.17.4.208",
|
|
"RemoteIP": "",
|
|
"RemotePort": "",
|
|
"MaliciousIP": "",
|
|
"ThreatSeverity": "",
|
|
"IndicatorThreatType": "",
|
|
"ThreatDescription": "",
|
|
"ThreatConfidence": "",
|
|
"ReportReferenceLink": "",
|
|
"MaliciousIPLongitude": "",
|
|
"MaliciousIPLatitude": "",
|
|
"MaliciousIPCountry": "",
|
|
"DeviceVersion": "6.5.0.69058",
|
|
"Activity": "Insight Logs",
|
|
"ApplicationProtocol": "",
|
|
"EventCount": "",
|
|
"DestinationDnsDomain": "",
|
|
"DestinationServiceName": "",
|
|
"DestinationTranslatedAddress": "",
|
|
"DestinationTranslatedPort": "",
|
|
"DeviceDnsDomain": "",
|
|
"DeviceExternalID": "",
|
|
"DeviceInboundInterface": "",
|
|
"DeviceNtDomain": "",
|
|
"DeviceOutboundInterface": "",
|
|
"DevicePayloadId": "",
|
|
"ProcessName": "",
|
|
"DeviceTranslatedAddress": "",
|
|
"DestinationHostName": "",
|
|
"DestinationMACAddress": "",
|
|
"DestinationNTDomain": "",
|
|
"DestinationProcessId": "",
|
|
"DestinationUserPrivileges": "",
|
|
"DestinationProcessName": "",
|
|
"DeviceTimeZone": "",
|
|
"DestinationUserID": "",
|
|
"DestinationUserName": "",
|
|
"DeviceMacAddress": "",
|
|
"ProcessID": "",
|
|
"ExternalID": "",
|
|
"FileCreateTime": "",
|
|
"FileHash": "",
|
|
"FileID": "",
|
|
"FileModificationTime": "",
|
|
"FilePath": "",
|
|
"FilePermission": "",
|
|
"FileType": "",
|
|
"FileName": "",
|
|
"FileSize": "",
|
|
"ReceivedBytes": "",
|
|
"OldFileCreateTime": "",
|
|
"OldFileHash": "",
|
|
"OldFileID": "",
|
|
"OldFileModificationTime": "",
|
|
"OldFileName": "",
|
|
"OldFilePath": "",
|
|
"OldFilePermission": "",
|
|
"OldFileSize": "",
|
|
"OldFileType": "",
|
|
"SentBytes": "",
|
|
"RequestURL": "",
|
|
"RequestClientApplication": "",
|
|
"RequestContext": "",
|
|
"RequestCookies": "",
|
|
"RequestMethod": "",
|
|
"SourceHostName": "",
|
|
"SourceMACAddress": "",
|
|
"SourceNTDomain": "",
|
|
"SourceDnsDomain": "",
|
|
"SourceServiceName": "",
|
|
"SourceTranslatedAddress": "",
|
|
"SourceTranslatedPort": "",
|
|
"SourceProcessId": "",
|
|
"SourceUserPrivileges": "",
|
|
"SourceProcessName": "",
|
|
"SourceUserID": "",
|
|
"SourceUserName": "",
|
|
"EventType": "",
|
|
"DeviceCustomIPv6Address1": "",
|
|
"DeviceCustomIPv6Address1Label": "",
|
|
"DeviceCustomIPv6Address2": "",
|
|
"DeviceCustomIPv6Address2Label": "",
|
|
"DeviceCustomIPv6Address3": "",
|
|
"DeviceCustomIPv6Address3Label": "",
|
|
"DeviceCustomIPv6Address4": "",
|
|
"DeviceCustomIPv6Address4Label": "",
|
|
"DeviceCustomFloatingPoint1": "",
|
|
"DeviceCustomFloatingPoint1Label": "",
|
|
"DeviceCustomFloatingPoint2": "",
|
|
"DeviceCustomFloatingPoint2Label": "",
|
|
"DeviceCustomFloatingPoint3": "",
|
|
"DeviceCustomFloatingPoint3Label": "",
|
|
"DeviceCustomFloatingPoint4": "",
|
|
"DeviceCustomFloatingPoint4Label": "",
|
|
"DeviceCustomNumber1": "",
|
|
"DeviceCustomNumber1Label": "",
|
|
"DeviceCustomNumber2": "",
|
|
"DeviceCustomNumber2Label": "",
|
|
"DeviceCustomNumber3": "",
|
|
"DeviceCustomNumber3Label": "",
|
|
"DeviceCustomString1": "",
|
|
"DeviceCustomString1Label": "",
|
|
"DeviceCustomString2": "",
|
|
"DeviceCustomString2Label": "",
|
|
"DeviceCustomString3": "",
|
|
"DeviceCustomString3Label": "",
|
|
"DeviceCustomString4": "",
|
|
"DeviceCustomString4Label": "",
|
|
"DeviceCustomString5": "",
|
|
"DeviceCustomString5Label": "",
|
|
"DeviceCustomString6": "",
|
|
"DeviceCustomString6Label": "",
|
|
"DeviceCustomDate1": "",
|
|
"DeviceCustomDate1Label": "",
|
|
"DeviceCustomDate2": "",
|
|
"DeviceCustomDate2Label": "",
|
|
"FlexDate1": "",
|
|
"FlexDate1Label": "",
|
|
"FlexNumber1": "",
|
|
"FlexNumber1Label": "",
|
|
"FlexNumber2": "",
|
|
"FlexNumber2Label": "",
|
|
"FlexString1": "",
|
|
"FlexString1Label": "",
|
|
"FlexString2": "",
|
|
"FlexString2Label": "",
|
|
"AdditionalExtensions": "Auth.Username=host/Asif-Test-PC2;Auth.Authorization-Sources=null;Auth.Login-Status=216;Auth.Request-Timestamp=2017-12-03 16:28:20+05:30;Auth.Protocol=RADIUS;Auth.Source=null;Auth.Enforcement-Profiles=[Allow Access Profile];Auth.NAS-Port=null;Auth.SSID=cppm-dot1x-test;TimestampFormat=MMM dd yyyy HH:mm:ss.SSS zzz;Auth.NAS-Port-Type=19;Auth.Error-Code=216;Auth.Roles=null;Auth.Service=Test Wireless;Auth.Host-MAC-Address=6817294b0636;Auth.Unhealthy=null;Auth.NAS-IP-Address=10.17.4.7;Auth.CalledStationId=000B8661CD70;Auth.NAS-Identifier=ClearPassLab3600",
|
|
"StartTime [UTC]": "",
|
|
"EndTime [UTC]": "",
|
|
"Type": "CommonSecurityLog",
|
|
"_ResourceId": "/subscriptions/7fd67ca4-e443-470d-9bc0-7ce7fa3124fb/resourcegroups/m90-logingestion-rg/providers/microsoft.compute/virtualmachines/m90-siem-vm02",
|
|
"Timestamp": "",
|
|
"CallingStationId": "",
|
|
"InpuOctets": "",
|
|
"TimestampFormat": "MMM dd yyyy HH:mm:ss.SSS zzz",
|
|
"SessionTime": "",
|
|
"FramedIpAddr": "",
|
|
"Source": "null",
|
|
"Method": "",
|
|
"SessionId": "",
|
|
"ServiceName": "",
|
|
"NasPortNumber": "",
|
|
"NasPortType": "19",
|
|
"OutputOctets": "",
|
|
"UserName": "host/Asif-Test-PC2",
|
|
"NasIpAddr": "10.17.4.7",
|
|
"AuthorizationSources": "null",
|
|
"NetworkProtocol": "RADIUS",
|
|
"RequestTimestamp": "2017-12-03 16:28:20+05:30",
|
|
"LoginStatus": "216",
|
|
"EnforcementProfiles": "[Allow Access Profile]",
|
|
"NasPort": "null",
|
|
"Ssid": "cppm-dot1x-test",
|
|
"ErrorCode": "216",
|
|
"Roles": "null",
|
|
"Service": "Test Wireless",
|
|
"SrcMacAddr": "6817294b0636",
|
|
"Unhealthy": "null",
|
|
"CalledStationId": "000B8661CD70",
|
|
"NasIdentifier": "",
|
|
"Category": "",
|
|
"Description": "",
|
|
"Action": "",
|
|
"TimeFormat": ""
|
|
}
|
|
]
|