Page Comparison

Table of Contents

maxLevel	2
type	flat

Introduction

Tags beginning with auth.jumpcloud identify events generated by Jumpcloud.

Valid tags and data tables

The full tag must have 4 levels. The first two are fixed as auth.jumpcloud. The third level identifies the type of events sent, and the fourth level indicates the event subtype.

Technology	Brand	Type	Subtype
auth	jumpcloud	all	events
		directory
		ldap
		mdm
		radius
		software
		sso
		systems

These are the valid tags and corresponding data tables that will receive the parsers' data:

Tag	Data table
auth.jumpcloud.directory.events	auth.jumpcloud.directory.events
auth.jumpcloud.ldap.events	auth.jumpcloud.ldap.events
auth.jumpcloud.mdm.events	auth.jumpcloud.mdm.events
auth.jumpcloud.radius.events	auth.jumpcloud.radius.events
auth.jumpcloud.software.events	auth.jumpcloud.software.events
auth.jumpcloud.sso.events	auth.jumpcloud.sso.events

Table structure

Rw ui tabs macro

Rw tab

title	Table 1-5

[auth.jumpcloud.directory.events][auth.jumpcloud.ldap.events][auth.jumpcloud.mdm.events][auth.jumpcloud.radius.events][auth.jumpcloud.software.events]

Anchor
auth.jumpcloud.directory.events
auth.jumpcloud.directory.events
auth.jumpcloud.directory.events

Field	Type	Extra Label
eventdate	`timestamp`	-
hostname	`str`	-
initiated_by__id	`str`	-
initiated_by__type	`str`	-
initiated_by__email	`str`	-
initiated_by__username	`str`	-
initiated_by__source	`str`	-
initiated_by__source_metadata__name	`str`	-
geoip__country_code	`str`	-
geoip__timezone	`str`	-
geoip__latitude	`float8`	-
geoip__continent_code	`str`	-
geoip__region_name	`str`	-
geoip__region_code	`str`	-
geoip__longitude	`float8`	-
resource__id	`str`	-
resource__type	`str`	-
resource__username	`str`	-
changes	`str`	-
auth_method	`str`	-
success	`bool`	-
mfa	`bool`	-
event_type	`str`	-
provider	`str`	-
service	`str`	-
organization	`str`	-
at_version	`str`	-
client_ip	`ip4`	-
id	`str`	-
user_agent__patch	`str`	-
user_agent__minor	`str`	-
user_agent__os	`str`	-
user_agent__major	`str`	-
user_agent__build	`str`	-
user_agent__name	`str`	-
user_agent__os_name	`str`	-
user_agent__device	`str`	-
association__type	`str`	-
association__id	`str`	-
association__email	`str`	-
timestamp	`timestamp`	-
hostchain	`str`	✓
tag	`str`	✓
rawMessage	`str`	✓

Anchor
auth.jumpcloud.ldap.events
auth.jumpcloud.ldap.events
auth.jumpcloud.ldap.events

Field	Type	Extra Label
eventdate	`timestamp`	-
hostname	`str`	-
err	`str`	-
error_message	`str`	-
initiated_by__type	`str`	-
initiated_by__username	`str`	-
initiated_by__email	`str`	-
start_tls	`bool`	-
tls_established	`bool`	-
dn	`str`	-
mech	`str`	-
auth_method	`str`	-
event_type	`str`	-
connection_id	`str`	-
port	`str`	-
success	`bool`	-
service	`str`	-
organization	`str`	-
at_version	`str`	-
error_code	`str`	-
id	`str`	-
oid	`str`	-
base	`str`	-
scope	`str`	-
filter	`str`	-
operation_number	`str`	-
username	`str`	-
timestamp	`timestamp`	-
hostchain	`str`	✓
tag	`str`	✓
rawMessage	`str`	✓

Anchor
auth.jumpcloud.mdm.events
auth.jumpcloud.mdm.events
auth.jumpcloud.mdm.events

Field	Type	Extra Label
eventdate	`timestamp`	-
hostname	`str`	-
mdm_type	`str`	-
request_type	`str`	-
mdm_device_id	`str`	-
mdm_device_manager_id	`str`	-
command__request_type	`str`	-
command__payload	`str`	-
event_type	`str`	-
command_uuid	`str`	-
service	`str`	-
organization	`str`	-
at_version	`str`	-
error_chain	`str`	-
id	`str`	-
timestamp_str	`str`	-
timestamp	`timestamp`	-
status	`str`	-
hostchain	`str`	✓
tag	`str`	✓
rawMessage	`str`	✓

Anchor
auth.jumpcloud.radius.events
auth.jumpcloud.radius.events
auth.jumpcloud.radius.events

Field	Type	Extra Label
eventdate	`timestamp`	-
hostname	`str`	-
initiated_by__id	`str`	-
initiated_by__type	`str`	-
initiated_by__email	`str`	-
id	`str`	-
nas_mfa_state	`str`	-
auth_type	`str`	-
eap_type	`str`	-
client_ip	`ip4`	-
geoip__country_code	`str`	-
geoip__timezone	`str`	-
geoip__latitude	`float8`	-
geoip__continent_code	`str`	-
geoip__region_name	`str`	-
geoip__region_code	`str`	-
geoip__longitude	`float8`	-
service	`str`	-
success	`bool`	-
username	`str`	-
organization	`str`	-
error_message	`str`	-
mfa	`bool`	-
outer__eap_type	`str`	-
outer__error_message	`str`	-
outer__username	`str`	-
timestamp	`timestamp`	-
hostchain	`str`	✓
tag	`str`	✓
rawMessage	`str`	✓

Anchor
auth.jumpcloud.software.events
auth.jumpcloud.software.events
auth.jumpcloud.software.events

Field	Type	Extra Label
eventdate	`timestamp`	-
hostname	`str`	-
initiated_by__id	`str`	-
initiated_by__type	`str`	-
system__hostname	`str`	-
system__id	`str`	-
event_type	`str`	-
application__path	`str`	-
application__uninstall_string	`str`	-
application__name	`str`	-
application__publisher	`str`	-
application__version	`str`	-
resource__id	`str`	-
resource__type	`str`	-
provider	`str`	-
service	`str`	-
organization	`str`	-
changes	`str`	-
id	`str`	-
timestamp	`timestamp`	-
hostchain	`str`	✓
tag	`str`	✓
rawMessage	`str`	✓

Rw tab

title	Tables 6-7

[auth.jumpcloud.sso.events][auth.jumpcloud.sso.events]

Anchor
auth.jumpcloud.sso.events
auth.jumpcloud.sso.events
auth.jumpcloud.sso.events

Field	Type	Extra Label
eventdate	`timestamp`	-
hostname	`str`	-
initiated_by__id	`str`	-
initiated_by__type	`str`	-
initiated_by__username	`str`	-
error_message	`str`	-
geoip__country_code	`str`	-
geoip__timezone	`str`	-
geoip__latitude	`float8`	-
geoip__continent_code	`str`	-
geoip__region_name	`str`	-
geoip__longitude	`float8`	-
geoip__region_code	`str`	-
sso_token_success	`bool`	-
auth_context__policies_applied	`str`	-
mfa	`bool`	-
event_type	`str`	-
application__name	`str`	-
application__id	`str`	-
application__sso_url	`str`	-
provider	`str`	-
service	`str`	-
organization	`str`	-
at_version	`str`	-
client_ip	`ip4`	-
idp_initiated	`bool`	-
id	`str`	-
user_agent__patch	`str`	-
user_agent__os	`str`	-
user_agent__minor	`str`	-
user_agent__major	`str`	-
user_agent__build	`str`	-
user_agent__name	`str`	-
user_agent__os_name	`str`	-
user_agent__device	`str`	-
timestamp_str	`str`	-
timestamp	`timestamp`	-
hostchain	`str`	✓
tag	`str`	✓
rawMessage	`str`	✓

Anchor
auth.jumpcloud.sso.events
auth.jumpcloud.sso.events
auth.jumpcloud.sso.events

Field	Type	Extra Label
eventdate	`timestamp`	-
hostname	`str`	-
initiated_by__id	`str`	-
initiated_by__type	`str`	-
initiated_by__username	`str`	-
error_message	`str`	-
geoip__country_code	`str`	-
geoip__timezone	`str`	-
geoip__latitude	`float8`	-
geoip__continent_code	`str`	-
geoip__region_name	`str`	-
geoip__longitude	`float8`	-
geoip__region_code	`str`	-
sso_token_success	`bool`	-
auth_context__policies_applied	`str`	-
mfa	`bool`	-
event_type	`str`	-
application__name	`str`	-
application__id	`str`	-
application__sso_url	`str`	-
provider	`str`	-
service	`str`	-
organization	`str`	-
at_version	`str`	-
client_ip	`ip4`	-
idp_initiated	`bool`	-
id	`str`	-
user_agent__patch	`str`	-
user_agent__os	`str`	-
user_agent__minor	`str`	-
user_agent__major	`str`	-
user_agent__build	`str`	-
user_agent__name	`str`	-
user_agent__os_name	`str`	-
user_agent__device	`str`	-
timestamp_str	`str`	-
timestamp	`timestamp`	-
hostchain	`str`	✓
tag	`str`	✓
rawMessage	`str`	✓

Version	Old Version 10	New Version 11
Changes made by	Former user	Former user
Saved on	Feb 21, 2023	Feb 21, 2023

Versions Compared

Key

Introduction

Valid tags and data tables

Table structure

Anchor
auth.jumpcloud.directory.events
auth.jumpcloud.directory.events
auth.jumpcloud.directory.events

Anchor
auth.jumpcloud.ldap.events
auth.jumpcloud.ldap.events
auth.jumpcloud.ldap.events

Anchor
auth.jumpcloud.mdm.events
auth.jumpcloud.mdm.events
auth.jumpcloud.mdm.events

Anchor
auth.jumpcloud.radius.events
auth.jumpcloud.radius.events
auth.jumpcloud.radius.events

Anchor
auth.jumpcloud.software.events
auth.jumpcloud.software.events
auth.jumpcloud.software.events

Anchor
auth.jumpcloud.sso.events
auth.jumpcloud.sso.events
auth.jumpcloud.sso.events

Anchor
auth.jumpcloud.sso.events
auth.jumpcloud.sso.events
auth.jumpcloud.sso.events

Page Comparison

Versions Compared

Key

Introduction

Valid tags and data tables

Table structure

Anchorauth.jumpcloud.directory.eventsauth.jumpcloud.directory.eventsauth.jumpcloud.directory.events

Anchorauth.jumpcloud.ldap.eventsauth.jumpcloud.ldap.eventsauth.jumpcloud.ldap.events

Anchorauth.jumpcloud.mdm.eventsauth.jumpcloud.mdm.eventsauth.jumpcloud.mdm.events

Anchorauth.jumpcloud.radius.eventsauth.jumpcloud.radius.eventsauth.jumpcloud.radius.events

Anchorauth.jumpcloud.software.eventsauth.jumpcloud.software.eventsauth.jumpcloud.software.events

Anchorauth.jumpcloud.sso.eventsauth.jumpcloud.sso.eventsauth.jumpcloud.sso.events

Anchorauth.jumpcloud.sso.eventsauth.jumpcloud.sso.eventsauth.jumpcloud.sso.events

Anchor
auth.jumpcloud.directory.events
auth.jumpcloud.directory.events
auth.jumpcloud.directory.events

Anchor
auth.jumpcloud.ldap.events
auth.jumpcloud.ldap.events
auth.jumpcloud.ldap.events

Anchor
auth.jumpcloud.mdm.events
auth.jumpcloud.mdm.events
auth.jumpcloud.mdm.events

Anchor
auth.jumpcloud.radius.events
auth.jumpcloud.radius.events
auth.jumpcloud.radius.events

Anchor
auth.jumpcloud.software.events
auth.jumpcloud.software.events
auth.jumpcloud.software.events

Anchor
auth.jumpcloud.sso.events
auth.jumpcloud.sso.events
auth.jumpcloud.sso.events

Anchor
auth.jumpcloud.sso.events
auth.jumpcloud.sso.events
auth.jumpcloud.sso.events