Page Comparison

Table of Contents

maxLevel	2
type	flat

Introduction

Tags beginning with auth.jumpcloud identify events generated by Jumpcloud JumpCloud.

Valid tags and data tables

The full tag must have 4 levels. The first two are fixed asauth.jumpcloud. The third level identifies the type of events sent, and the fourth level indicates the event subtype.

...

Technology

...

Brand

...

Type

...

Subtype

...

auth

...

jumpcloud

...

all

...

events

...

directory

...

ldap

...

mdm

...

radius

...

software

...

sso

...

These are the valid tags and corresponding data tables that will receive the parsers' data:

Data table
Product / Service
Tag
Tags
Data tables
JumpCloud
auth.jumpcloud.all.events
auth.jumpcloud.all.events
Note
Union table
This is a union table that collects events from a set of tables for easy access and analysis.
Learn more about this union table in this article.
auth.jumpcloud.directory.events
auth.jumpcloud.directory.events
auth.jumpcloud.ldap.events
auth.jumpcloud.ldap.events
auth.jumpcloud.mdm.events
auth.jumpcloud.mdm.events
auth.jumpcloud.radius.events
auth.jumpcloud.radius.events
auth.jumpcloud.software.events
auth.jumpcloud.software.events
auth.jumpcloud.sso.events
auth.jumpcloud.sso.events
auth.jumpcloud.systems.events
auth.jumpcloud.systems.events

For more information, read more About Devo tags.

Table structure

These are the fields displayed in these tables:

-

Rw ui tabs macro

Rw tab

title	Table Tables 1-54

[

auth.jumpcloud.directory.events

][

auth.jumpcloud.ldap.events

][

auth.jumpcloud.mdm.events

][

auth.jumpcloud.radius.events

][auth.jumpcloud.software.events]

Anchor
auth.jumpcloud.directory.events
auth.jumpcloud.directory.events
auth.jumpcloud.directory.events

Field	Type	Extra

Label

fields
eventdate	`timestamp`

-


hostname	`str`

-


initiated_by__id	`str`

-


initiated_by__type	`str`

-


initiated_by__email	`str`

-


initiated_by__username	`str`

-


initiated_by__source	`str`

-


initiated_by__source_metadata__name	`str`

-


geoip__country_code	`str`

-


geoip__timezone	`str`

-


geoip__latitude	`float8`

-


geoip__continent_code	`str`

-


geoip__region_name	`str`

-


geoip__region_code	`str`

-


geoip__longitude	`float8`

-


resource__id	`str`

-


resource__type	`str`

-


resource__username	`str`

-


changes	`str`

-


auth_method	`str`
auth_context__system__hostname	`str`
auth_context__system__os	`str`
auth_context__system__display_name	`str`
auth_context__system__id	`str`
auth_context__system__version	`str`

-


success	`bool`

-


mfa	`bool`

-


event_type	`str`

-


provider	`str`

-


service	`str`

-


organization	`str`

-


at_version	`str`

-


client_ip	`ip4`

-


client_ipv6	`ip6`
id	`str`

-


user_agent__patch	`str`

-


user_agent__minor	`str`

-


user_agent__os	`str`

-


user_agent__major	`str`

-


user_agent__build	`str`

-


user_agent__name	`str`

-


user_agent__os_name	`str`

-


user_agent__device	`str`

-


association__type	`str`

-


association__id	`str`

-


association__email	`str`

-


timestamp	`timestamp`

-


hostchain	`str`	✓
tag	`str`	✓
rawMessage	`str`	✓

Anchor
auth.jumpcloud.ldap.events
auth.jumpcloud.ldap.events
auth.jumpcloud.ldap.events

Field	Type	Extra

Label

fields
eventdate	`timestamp`

-


hostname	`str`

-


err	`str`

-


error_message	`str`

-


initiated_by__type	`str`

-


initiated_by__username	`str`

-


initiated_by__email	`str`

-


start_tls	`bool`

-


tls_established	`bool`

-


dn	`str`

-


mech	`str`

-


auth_method	`str`

-


event_type	`str`

-


connection_id	`str`

-


port	`str`

-


success	`bool`

-


service	`str`

-


organization	`str`

-


at_version	`str`

-


error_code	`str`

-


id	`str`

-


oid	`str`

-


base	`str`

-


scope	`str`

-


filter	`str`

-


operation_number	`str`

-


username	`str`

-


timestamp	`timestamp`

-


deref	`int4`
operation_type	`str`
number_of_results	`int4`
attr	`str`
hostchain	`str`	✓
tag	`str`	✓
rawMessage	`str`	✓

Anchor
auth.jumpcloud.mdm.events
auth.jumpcloud.mdm.events
auth.jumpcloud.mdm.events

Field	Type	Extra Label fields
eventdate	`timestamp`	-
hostname	`str`	-
mdm_type	`str`-
request_type	`str`-
mdm_device_id	`str`	-
mdm_device_manager_id	`str`-
command__request_type	`str`-
command__payload	`str`-
event_type	`str`	-
command_uuid	`str`	-
service	`str`-
organization	`str`-
at_version	`str`-
error_chain	`str`	-
id	`str`	-
timestamp_str	`str`	-
timestamp	`timestamp`-
status	`str`-
hostchain	`str`	✓
tag	`str`	✓
rawMessage	`str`	✓

Anchor
auth.jumpcloud.radius.events
auth.jumpcloud.radius.events
auth.jumpcloud.radius.events

Field	Type	Extra

Label

fields
eventdate	`timestamp`

-


hostname	`str`

-


initiated_by__id	`str`

-


initiated_by__type	`str`

-


initiated_by__email	`str`

-


id	`str`

-


nas_mfa_state	`str`

-


auth_type	`str`

-


eap_type	`str`

-


client_ip	`ip4`

-


client_ipv6	`ip6`
geoip__country_code	`str`

-


geoip__timezone	`str`

-


geoip__latitude	`float8`

-


geoip__continent_code	`str`

-


geoip__region_name	`str`

-


geoip__region_code	`str`

-


geoip__longitude	`float8`

-


service	`str`

-


success	`bool`

-


username	`str`

-


organization	`str`

-


error_message	`str`

-


mfa	`bool`

-


outer__eap_type	`str`

-


outer__error_message	`str`

-


outer__username	`str`

-


timestamp	`timestamp`

-


hostchain	`str`	✓
tag	`str`	✓
rawMessage	`str`	✓

Rw tab

title	Tables 5-7

auth.jumpcloud.software.events
auth.jumpcloud.sso.events
auth.jumpcloud.systems.events

Anchor
auth.jumpcloud.software.events
auth.jumpcloud.software.events
auth.jumpcloud.software.events

Field	Type	Extra fields
eventdate	`timestamp`
hostname	`str`
initiated_by__id	`str`
initiated_by__type	`str`
system__hostname	`str`
system__id	`str`
event_type	`str`
application__path	`str`
application__uninstall_string	`str`
application__name	`str`
application__publisher	`str`
application__version	`str`
resource__id	`str`
resource__type	`str`
provider	`str`
service	`str`
organization	`str`
changes	`str`
id	`str`
timestamp	`timestamp`
hostchain	`str`	✓
tag	`str`	✓
rawMessage	`str`	✓

Anchor
auth.jumpcloud.sso.events
auth.jumpcloud.sso.events
auth.jumpcloud.sso.events

Field	Type	Extra

Label

fields
eventdate	`timestamp`

-


hostname	`str`

-


initiated_by__id	`str`

-


initiated_by__type	`str`
initiated_by__username	`str`
error_message	`str`
geoip__country_code	`str`
geoip__timezone	`str`
geoip__latitude	`float8`
geoip__continent_code	`str`
geoip__region_name	`str`

-

system__hostname

str

-

system__id

str

-

event_type

str

-

application__path

str

-

application__uninstall_string

str

-

application__name

str

-

application__publisher

str

-

application__version

str

-

resource__id

str

-

resource__type

str

-

provider

str

-

service

str

-

organization

str

-

changes

str

-

id

str

-

timestamp

timestamp


geoip__longitude	`float8`
geoip__region_code	`str`
sso_token_success	`bool`
auth_context__policies_applied	`str`
auth_context__system__hostname	`str`
auth_context__system__os	`str`
auth_context__system__display_name	`str`
auth_context__system__id	`str`
auth_context__system__version	`str`
mfa	`bool`
event_type	`str`
application__name	`str`
application__id	`str`
application__sso_url	`str`
application__display_label	`str`
provider	`str`
service	`str`
organization	`str`
at_version	`str`
client_ip	`ip4`
client_ipv6	`ip6`
idp_initiated	`bool`
id	`str`
user_agent__patch	`str`
user_agent__os	`str`
user_agent__minor	`str`
user_agent__major	`str`
user_agent__build	`str`
user_agent__name	`str`
user_agent__os_name	`str`
user_agent__device	`str`
timestamp_str	`str`
timestamp	`timestamp`
hostchain	`str`	✓
tag	`str`	✓
rawMessage	`str`	✓

Version	Old Version 9	New Version Current
Changes made by	Former user	Juan Tomás Alonso Nieto (Deactivated)
Saved on	Feb 21, 2023	Feb 27, 2024

Versions Compared

Key

Introduction

Valid tags and data tables

Table structure

Anchor
auth.jumpcloud.directory.events
auth.jumpcloud.directory.events
auth.jumpcloud.directory.events

Anchor
auth.jumpcloud.ldap.events
auth.jumpcloud.ldap.events
auth.jumpcloud.ldap.events

Anchor
auth.jumpcloud.mdm.events
auth.jumpcloud.mdm.events
auth.jumpcloud.mdm.events

Anchor
auth.jumpcloud.radius.events
auth.jumpcloud.radius.events
auth.jumpcloud.radius.events

Anchor
auth.jumpcloud.software.events
auth.jumpcloud.software.events
auth.jumpcloud.software.events

Anchor
auth.jumpcloud.sso.events
auth.jumpcloud.sso.events
auth.jumpcloud.sso.events

Anchor
auth.jumpcloud.sso.events
auth.jumpcloud.sso.events
auth.jumpcloud.systems.events

Page Comparison

Versions Compared

Key

Introduction

Valid tags and data tables

Table structure

Anchorauth.jumpcloud.directory.eventsauth.jumpcloud.directory.eventsauth.jumpcloud.directory.events

Anchorauth.jumpcloud.ldap.eventsauth.jumpcloud.ldap.eventsauth.jumpcloud.ldap.events

Anchorauth.jumpcloud.mdm.eventsauth.jumpcloud.mdm.eventsauth.jumpcloud.mdm.events

Anchorauth.jumpcloud.radius.eventsauth.jumpcloud.radius.eventsauth.jumpcloud.radius.events

Anchorauth.jumpcloud.software.eventsauth.jumpcloud.software.eventsauth.jumpcloud.software.events

Anchorauth.jumpcloud.sso.eventsauth.jumpcloud.sso.eventsauth.jumpcloud.sso.events

Anchorauth.jumpcloud.sso.eventsauth.jumpcloud.sso.eventsauth.jumpcloud.systems.events

Anchor
auth.jumpcloud.directory.events
auth.jumpcloud.directory.events
auth.jumpcloud.directory.events

Anchor
auth.jumpcloud.ldap.events
auth.jumpcloud.ldap.events
auth.jumpcloud.ldap.events

Anchor
auth.jumpcloud.mdm.events
auth.jumpcloud.mdm.events
auth.jumpcloud.mdm.events

Anchor
auth.jumpcloud.radius.events
auth.jumpcloud.radius.events
auth.jumpcloud.radius.events

Anchor
auth.jumpcloud.software.events
auth.jumpcloud.software.events
auth.jumpcloud.software.events

Anchor
auth.jumpcloud.sso.events
auth.jumpcloud.sso.events
auth.jumpcloud.sso.events

Anchor
auth.jumpcloud.sso.events
auth.jumpcloud.sso.events
auth.jumpcloud.systems.events