Netskope Active Sample Event Message
Use these sample event messages to verify a successful integration with JSA.
Netskope Active sample messages when you use the Netskope REST API protocol
Because of formatting, the samples are wrapped across several lines. Paste a sample into a text editor and then remove any carriage return or line feed characters.
Sample 1: The following sample shows an anomaly collaboration event.
{"dstip":"XXXXX","dst_location":"XXXXX","last_timestamp":1436237104,"latency_total":74,
"app":"Google Hangouts","profile_id":"XXXX","last_country":"XX","device":"Windows Device",
"src_location":"N/A","alert_type":"anomaly","id":66483,"app_session_id":XXXXX,
"event_type":"proximity","risk_level":"high","client_bytes":3109,"last_location":XXXX],
"dst_region":"XXX","last_device":"Windows Device","conn_duration":XXX,"dst_country":"XXX",
"resp_cnt":3,"ccl":"high","src_zipcode":"N/A","req_cnt":3,"src_timezone":"unknown",
"server_bytes":2012,"type":"connection","access_method":"Client","latency_min":24,
"organization_unit":"","dst_latitude":XXXX,"timestamp":1436237457,"src_region":"N/A",
"src_latitude":XX,"connection_id":XXX,"dst_longitude":-XXX,"alert":"yes","app_action_cnt":0,
"last_app":"Google Hangouts","user":"XXX","src_longitude":-XX,"srcip":"XXXXX",
"src_country":"XX","last_region":"CO","appcategory":"Collaboration","conn_endtime":1436237457,
"count":1,"acked":"false","_id":"XXXX","dst_zipcode":"XXX","risk_level_id":2,"sv":"unknown",
"latency_max":25,"numbytes":5121,"alert_name":"proximity","conn_starttime":1436237210,
"userip":"XXXX","telemetry_app":"","browser":"Chrome","os":"Windows 8.1"}
Sample 2: The following sample shows a user login successful audit event.
{"supporting_data":{"data_values":["XXX","XXXX],"data_type":"user"},"severity_level":2,
"timestamp":1419922155,"organization_unit":"","ccl":"unknown","user":"XXXXXX",
"audit_log_event":"Login Successful","_id":"XXXXXX","type":"admin_audit_logs","appcategory":"n/a"}
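Added example, not part of the original documentation: a Python helper that performs the cleanup step described above on a pasted sample and reports whether the result parses as JSON before you use it as a test event. The function names and the sample string are constructed for illustration, and straightening typographic quotes is an assumption about how the samples get copied out of formatted documentation.

```python
import json
from datetime import datetime, timezone

# Typographic double quotes that formatted documents substitute for ".
_CURLY = str.maketrans({"\u201c": '"', "\u201d": '"'})


def clean_sample(pasted: str) -> str:
    """Remove CR/LF characters and straighten curly double quotes."""
    return pasted.replace("\r", "").replace("\n", "").translate(_CURLY)


def check_sample(pasted: str) -> dict:
    """Return a short summary of the cleaned event, or the parse error."""
    cleaned = clean_sample(pasted)
    try:
        event = json.loads(cleaned)
    except json.JSONDecodeError as exc:
        # Typical causes: a redaction placeholder left unquoted, or a
        # line break that fell inside a value when the sample was copied.
        return {"ok": False, "error": f"{exc.msg} at column {exc.colno}"}
    if not isinstance(event, dict):
        return {"ok": False, "error": "top-level value is not a JSON object"}
    ts = event.get("timestamp")
    return {
        "ok": True,
        "type": event.get("type"),
        # Alert events carry alert_type; audit events carry audit_log_event.
        "detail": event.get("alert_type") or event.get("audit_log_event"),
        "utc": datetime.fromtimestamp(ts, tz=timezone.utc).isoformat()
        if isinstance(ts, int) else None,
    }


# Constructed sample: field names taken from the samples above, placeholder
# values, wrapped across lines and with curly quotes as a copied sample is.
PASTED = (
    "{\u201calert_type\u201d:\u201danomaly\u201d,\u201dtype\u201d:\r\n"
    "\u201dconnection\u201d,\u201dtimestamp\u201d:1436237457,\n"
    "\u201duser\u201d:\u201dPLACEHOLDER\u201d}"
)

if __name__ == "__main__":
    print(check_sample(PASTED))
```

The redaction placeholders in the published samples (for example an unquoted `XXXX`) must be replaced with valid values before the message parses.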