Genua Genugate Sample Event Messages
Use these sample event messages to verify a successful integration with JSA.
Note:
Due to formatting issues, paste the message format into a text editor and then remove any carriage return or line feed characters.
Genua Genugate Sample Message when you use the Syslog Protocol
The following sample message event shows a ssh-relay event and associated information.
Oct 12 04:28:18 genua.genugate.test sshrelay[1077]: LEEF:1.0|genua|genugate|8.2|E4067| devTime=2014-10-12T04:28:18+0200 devTimeFormat=yyyy-MM-dd'T'HH:mm:ssZ laddr=127.128.0.242 lport=1 msg=Error for \"CONNECT\": Code=1 Msg=connect failed: Operation timed out. No response from server. (192.168.130.14:22) relay_name=ssh rnum=247 sev=6 srcPreNAT=192.168.132.12 srcPreNATPort=38070
|
JSA field name |
Highlighted values in the event payload |
|---|---|
|
Event ID |
E4067 |
|
Source IP |
For this DSM, the value in JSA is always 127.0.0.1 when the payload does not contain a Source IP. |
|
Destination IP |
192.168.130.14 |
|
Destination Port |
22 |
|
Pre NAT Source IP |
192.168.132.12 |
|
Pre NAT Source Port |
38070 |