Apache HTTP Server Sample Event Messages
Use these sample event messages to verify a successful integration with JSA.
Due to formatting issues, paste the message format into a text editor and then remove any carriage return or line feed characters.
Apache HTTP Server Sample Messages when you use the Syslog Protocol
Sample 1: The following sample event is generated when a user is authenticated.
<86>Jun 28 06:00:19 apache.httpserver.test sshd[11148]: pam_vas: Authentication <succeeded> for <Active Directory> user: <svc_unix> account: <DOMAINNAME\svc_unix_secscan> service: <sshd> reason: <>
JSA field name |
Highlighted values in the event payload |
---|---|
Event ID |
Authentication user (extracted from the event content) |
Event Category |
sshd |
Username |
svc_unix |
Sample 2: The following sample event message shows that an HTTP 403 system status occurred.
Oct 21 10:05:35 apache.httpserver.test httpd: 10.100.100.101 172.16.210.237 - - [26/Jan/ 2006:12:24:54 +0000] "HEAD / HTTP/1.0" 403 123 "-" "-"
JSA field name |
Highlighted values in Apache event |
---|---|
Event ID |
403 |
Event Category |
apache (extracted from the event content) |
Source IP |
10.100.100.101 |
Destination IP |
172.16.210.237 |