Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

These are the valid tags and corresponding data tables that will receive the parsers' data:

Product / Service

Tags

Data tables

JumpCloud

auth.jumpcloud.all.events

auth.jumpcloud.all.events

Note

Union table

This is a union table that collects events from a set of tables for easy access and analysis.

Learn more about this union table in this article.

auth.jumpcloud.directory.events

auth.jumpcloud.directory.events

auth.jumpcloud.ldap.events

auth.jumpcloud.ldap.events

auth.jumpcloud.mdm.events

auth.jumpcloud.mdm.events

auth.jumpcloud.radius.events

auth.jumpcloud.radius.events

auth.jumpcloud.software.events

auth.jumpcloud.software.events

auth.jumpcloud.sso.events

auth.jumpcloud.sso.events

auth.jumpcloud.systems.events

auth.jumpcloud.systems.events

For more information, read more About Devo tags.

...

Rw ui tabs macro
Rw tab
titleTables 1-4

Anchor
auth.jumpcloud.directory.events
auth.jumpcloud.directory.events
auth.jumpcloud.directory.events

Field

Type

Extra fields

eventdate

timestamp

 

hostname

str

 

initiated_by__id

str

 

initiated_by__type

str

 

initiated_by__email

str

 

initiated_by__username

str

 

initiated_by__source

str

 

initiated_by__source_metadata__name

str

 

geoip__country_code

str

 

geoip__timezone

str

 

geoip__latitude

float8

 

geoip__continent_code

str

 

geoip__region_name

str

 

geoip__region_code

str

 

geoip__longitude

float8

 

resource__id

str

 

resource__type

str

 

resource__username

str

 

changes

str

 

auth_method

str

 

auth_context__system__hostname

str

 

auth_context__system__os

str

 

auth_context__system__display_name

str

 

auth_context__system__id

str

 

auth_context__system__version

str

 

success

bool

 

mfa

bool

 

event_type

str

 

provider

str

 

service

str

 

organization

str

 

at_version

str

 

client_ip

ip4

 

client_ipv6

ip6

 

id

str

 

user_agent__patch

str

 

user_agent__minor

str

 

user_agent__os

str

 

user_agent__major

str

 

user_agent__build

str

 

user_agent__name

str

 

user_agent__os_name

str

 

user_agent__device

str

 

association__type

str

 

association__id

str

 

association__email

str

 

timestamp

timestamp

 

hostchain

str

tag

str

rawMessage

str

Anchor
auth.jumpcloud.ldap.events
auth.jumpcloud.ldap.events
auth.jumpcloud.ldap.events

Field

Type

Extra fields

eventdate

timestamp

 

hostname

str

 

err

str

 

error_message

str

 

initiated_by__type

str

 

initiated_by__username

str

 

initiated_by__email

str

 

start_tls

bool

 

tls_established

bool

 

dn

str

 

mech

str

 

auth_method

str

 

event_type

str

 

connection_id

str

 

port

str

 

success

bool

 

service

str

 

organization

str

 

at_version

str

 

error_code

str

 

id

str

 

oid

str

 

base

str

 

scope

str

 

filter

str

 

operation_number

str

 

username

str

 

timestamp

timestamp

 

deref

int4

 

operation_type

str

 

number_of_results

int4

 

attr

str

 

hostchain

str

tag

str

rawMessage

str

Anchor
auth.jumpcloud.mdm.events
auth.jumpcloud.mdm.events
auth.jumpcloud.mdm.events

Field

Type

Extra fields

eventdate

timestamp

hostname

str

mdm_type

str

request_type

str

mdm_device_id

str

mdm_device_manager_id

str

command__request_type

str

command__payload

str

event_type

str

command_uuid

str

service

str

organization

str

at_version

str

error_chain

str

id

str

timestamp_str

str

timestamp

timestamp

status

str

hostchain

str

tag

str

rawMessage

str

Anchor
auth.jumpcloud.radius.events
auth.jumpcloud.radius.events
auth.jumpcloud.radius.events

Field

Type

Extra fields

eventdate

timestamp

 

hostname

str

 

initiated_by__id

str

 

initiated_by__type

str

 

initiated_by__email

str

 

id

str

 

nas_mfa_state

str

 

auth_type

str

 

eap_type

str

 

client_ip

ip4

 

client_ipv6

ip6

 

geoip__country_code

str

 

geoip__timezone

str

 

geoip__latitude

float8

 

geoip__continent_code

str

 

geoip__region_name

str

 

geoip__region_code

str

 

geoip__longitude

float8

 

service

str

 

success

bool

 

username

str

 

organization

str

 

error_message

str

 

mfa

bool

 

outer__eap_type

str

 

outer__error_message

str

 

outer__username

str

 

timestamp

timestamp

 

hostchain

str

tag

str

rawMessage

str

Rw tab
titleTables 5-7

Anchor
auth.jumpcloud.software.events
auth.jumpcloud.software.events
auth.jumpcloud.software.events

Field

Type

Extra fields

eventdate

timestamp

hostname

str

initiated_by__id

str

initiated_by__type

str

system__hostname

str

system__id

str

event_type

str

application__path

str

application__uninstall_string

str

application__name

str

application__publisher

str

application__version

str

resource__id

str

resource__type

str

provider

str

service

str

organization

str

changes

str

id

str

timestamp

timestamp

hostchain

str

tag

str

rawMessage

str

Anchor
auth.jumpcloud.sso.events
auth.jumpcloud.sso.events
auth.jumpcloud.sso.events

Field

Type

Extra fields

eventdate

timestamp

 

hostname

str

 

initiated_by__id

str

 

initiated_by__type

str

 

initiated_by__username

str

 

error_message

str

 

geoip__country_code

str

 

geoip__timezone

str

 

geoip__latitude

float8

 

geoip__continent_code

str

 

geoip__region_name

str

 

geoip__longitude

float8

 

geoip__region_code

str

 

sso_token_success

bool

 

auth_context__policies_applied

str

 

auth_context__system__hostname

str

 

auth_context__system__os

str

 

auth_context__system__display_name

str

 

auth_context__system__id

str

 

auth_context__system__version

str

 

mfa

bool

 

event_type

str

 

application__name

str

 

application__id

str

 

application__sso_url

str

 

application__display_label

str

 

provider

str

 

service

str

 

organization

str

 

at_version

str

 

client_ip

ip4

 

client_ipv6

ip6

 

idp_initiated

bool

 

id

str

 

user_agent__patch

str

 

user_agent__os

str

 

user_agent__minor

str

 

user_agent__major

str

 

user_agent__build

str

 

user_agent__name

str

 

user_agent__os_name

str

 

user_agent__device

str

 

timestamp_str

str

 

timestamp

timestamp

 

hostchain

str

tag

str

rawMessage

str

Anchor
auth.jumpcloud.sso.events
auth.jumpcloud.sso.events
auth.jumpcloud.systems.events

Field

Type

Extra fields

eventdate

timestamp

hostname

str

initiated_by__id

str

initiated_by__type

str

initiated_by__username

str

error_message

str

geoip__country_code

str

geoip__timezone

str

geoip__latitude

float8

geoip__continent_code

str

geoip__region_name

str

geoip__longitude

float8

geoip__region_code

str

sso_token_success

bool

auth_context__policies_applied

str

mfa

bool

event_type

str

application__name

str

application__id

str

application__sso_url

str

provider

str

service

str

organization

str

at_version

str

client_ip

ip4

idp_initiated

bool

id

str

user_agent__patch

str

user_agent__os

str

user_agent__minor

str

user_agent__major

str

user_agent__build

str

user_agent__name

str

user_agent__os_name

str

user_agent__device

str

timestamp_str

str

timestamp

timestamp

hostchain

str

tag

str

rawMessage

str