Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Sample Event Message

Use these sample event messages as a way of verifying a successful integration with JSA.

Note:

Due to formatting issues, paste the message format into a text editor and then remove any carriage returns or line feed characters.

Netgate pfSense sample message when you use the Syslog protocol

The following sample event message shows that the event indicates that a name server DNS query was made.

<30>Mar 17 00:35:02 unbound: [33068:6] info: 192.168.1.222 hostname.test. NS IN

Table 1: Highlighted fields

JSA field name

Highlighted payload field name

Event Name

NS

Source IP

192.168.1.222

Netgate pfSense sample message when you use the Syslog protocol

The following sample event message shows a firewall permit event.

<134>Mar 10 08:43:23 filterlog: 100,,,1581299744,hn0,match, pass ,out,4,0x0,,127,46462,0,DF, 6 , tcp,52, 192.168.0.10 , 192.168.2.3 , 10945 , 443 ,0,S,1283715954,,64240,,mss;nop;wscale; nop;nop;sackOK

Table 2: Highlighted fields

JSA field name

Highlighted payload field name

Event Name

pass

Protocol

6 (TCP)

Source IP

192.168.0.10

Destination IP

192.168.2.3

Source Port

10945

Destination Port

443