Sample Event Message
Use this sample event message to verify a successful integration with JSA.
Due to formatting issues, paste the message format into a text editor and then remove any carriage return or line feed characters.
Apple Mac OS X sample message when you use the Syslog protocol
The following sample event message shows an invalid user.
May 1 10:33:35 apple.macosx.test sshd[8565]: Invalid
user testUser from 192.168.0.1
JSA Field name |
Highlighted payload field name |
---|---|
Event ID |
Invalid user is extracted from the event. |
Username |
testUser is extracted from the event. |
Source IP |
192.168.0.1 is extracted from the event. |
Device Time |
May 1 10:33:35 is extracted from the event header. |