Skip to end of metadata
Go to start of metadata

You are viewing an old version of this content. View the current version.

Compare with Current View Version History

« Previous Version 4 Next »

Introduction

Tags beginning with auth.ping identify events generated by PingIdentity.

Valid tags and data tables

The full tag must have 4 levels. The first two are fixed as auth.ping. The third level identifies the type of events sent, and the fourth level indicates the event subtype. 

These are the valid tags and corresponding data tables that will receive the parsers' data:

Product / Service

Tag

Data table

PingFederate

auth.ping.federate.audit

auth.ping.federate.audit

auth.ping.federate.security_audit

auth.ping.federate.security_audit

auth.ping.federate.server

auth.ping.federate.server

auth.ping.id.mfa

auth.ping.id.mfa


Table structure

auth.ping.id.mfa

Field

Value

Extra field

eventdate

timestamp

-

hostname

str

-

action

str

-

actors__type_str

str

-

actors__id_str

str

-

actors__name_str

str

-

source

str

-

id

str

-

client2

str

-

result__status

str

-

result__message

str

-

recorded

str

-

hostchain

str

tag

str

rawMessage

str

auth.ping.federate.security_audit

Field

Value

Extra field

eventdate

timestamp

-

hostname

str

-

transactionTime

timestamp

-

trackingId

str

-

event

str

-

subject

str

-

ip

ip4

-

app

str

-

connectionId

str

-

protocol

str

-

host

str

-

role

str

-

status

str

-

adapterId

str

-

description

str

-

responseTime

int4

-

hostchain

str

tag

str

rawMessage

str

  • No labels