Sample Event Message
Use these sample event messages as a way of verifying a successful integration with JSA.
Blue Coat sample message when you use the Blue Coat Web Security REST API protocol
Note:
Due to formatting, paste the message format into a text editor and then remove any carriage return or line feed characters.
source-log-file=cloud_26754_20190506090002.log.gz x-bluecoat-request-tenant-id= 26754 date =2019-05-06 time =09:03: 46 x-bluecoat-appliance-name="AA11-aaa1_test" time-taken=13 c-ip =10.10.10.11 cs-userdn =OS\ estUser cs-auth-groups=- x-exception-id=- sc-filter-result=OBSERVED cs-categories="Technology/Internet;Web Ads/Analytics" cs(Referer)=- sc-status= 200 s-action =TCP_NC_MISS cs-method=GET rs(Content- Type)=application/json cs-uri-scheme=https cs-host=domain.test cs-uri-port =443 cs-uri-path=/settings/v2.0/analog/ASAP_VES cs-uri-query=?os=windows=10.0.17134.1.amd64fre.rs4_release.180410-1804=%1111 111111-9C67-47FB-AE69-111111111111%7D cs-uri-extension=- cs(User-Agent)="OneSet tingsQuery" s-ip=192.168.15.66 sc-bytes=835 cs-bytes=255 x-data-leak
JSA Field Name |
Highlighted payload field name |
|---|---|
Event ID |
s-action If the s-action field doesn't contain a valid value, the cs-method field is used. |
Source IP |
c-ip |
Destination IP |
r-ip |
Destination Port |
cs-uri-port |
Device Time |
date + time |
Username |
Username cs-userdn |