Versions Compared

Old Version 1

changes.mady.by.user Juan Tomás Alonso Nieto

Saved on

compared with

New Version Current

changes.mady.by.user Juan Tomás Alonso Nieto

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Converted from version 'v7.0.8'.

Table of Contents
maxLevel2
minLevel2
typeflat

The tag auth.secureauth.events identifies all log events generated by SecureAuth IdP. This procedure was implemented for version 9.1.

For information about SecureAuth IdP, see the vendor documentation online.

...

This technology uses a single tag to support the audit, debug, and error logs generated by SecureAuth IdP. The tag is simply auth.secureauth.events and the associated events are saved in Devo in a table of the same name. For more information, read more about Devo tags.

...

Step 2: Configure event sending in SecureAuth IdP

In SecureAuth, you need to enable the sending of the audit, debug, and error logs in syslog format, then set up your Devo relay as a syslog server. To do so, follow the vendor instructions for log configuration, and be sure to:

  • In the Log Options section, select the Syslog checkbox for each of the audit, debug, and error logs.
  • In the Syslog section, enter the Devo relay's IP address as the Syslog server and the port to which you will send the events. Note that this is the port for which you will set up the relay rule later in this procedure. Select RFC3164 as the Syslog RFC Spec and choose CEF as the Spec format.

Once events are being sent from SecureAuth to the Devo relay, the auth.securauth.events table will appear in Devo in Data Search → Finder.

...