auth.rsa
- Juan Tomás Alonso Nieto (Deactivated)
Introduction
Tags beginning with auth.rsa identify events generated by RSA SecurID.
Valid tags and data tables
The full tag must have 4 levels. The first two are fixed as auth.rsa. The third level identifies the type of events sent, and the fourth level indicates the event subtype.
Technology | Brand | Type | Subtype |
|---|---|---|---|
auth | rsa |
|
|
These are the valid tags and corresponding data tables that will receive the parsers' data:
Tag | Data table |
|---|---|
auth.rsa.secureid.system | auth.rsa.secureid.system |
auth.rsa.secureid.runtime | auth.rsa.secureid.runtime |
auth.rsa.secureid.admin | auth.rsa.secureid.admin |
auth.rsa.secureid.trace | auth.rsa.secureid.trace |
Relay rules
Add the following rule for auth.rsa.secureid parsers:
Source port |
|
|---|---|
Source message |
|
Target tag |
|
Sent without syslog tag | ✓ |
Stop processing | ✓ |
Table structure