Use this sample event messages as a way of verifying a successful
integration with JSA.
The following table provides a sample event message for the
BeyondTrust PowerBroker DSM:
Table 1: BeyondTrust PowerBroker Sample Syslog MessageEvent name
|
Low level category
|
Sample log message
|
|---|
Finish pbrun terminated
|
Information
|
<14>Feb 15 13:23:09 qradar4292 pbforwarder.pl:
DEVICETYPE = PowerBroker EVENTID = PB EVENTCAT = unknown DDATE = USER
= SRC = DST = EVENT_HEADER = ac15208e4eaddff b1BB002 Finish pbrun
terminated: signal 1 (Hangup) unknown signal code event = "Finish"
exitdate = "2011/10/30" exitstatus = "pbrun terminated: signal 1 (Hangup)
unknown signal code" exittime = "21:01:49" i18n_exitdate = "10/30/11
" i18n_exittime = "21:01:49" logpid = 22085786 uniqueid = "ac15208e4eaddffb1BB002
|
