Document toolboxDocument toolbox

auth.securenvoy

The tags beginning with auth.securenvoy identify log events generated by SecurEnvoy SecurAccess. These tags were tested using SecurEnvoy version 9.3.502.

Tag structure

The full tag must have three levels. The first two are fixed as auth.securenvoy. The third level identifies the event type and must be one of admin, batch, enrol, radius, websms, or syslog. The fourth level is not used. 

Technology

Brand

Type

Subtype

Technology

Brand

Type

Subtype

auth

securenvoy

  • admin

  • batch

  • enrol

  • radius

  • websms

  • syslog

Not used

Therefore, the valid tags include:

  • auth.securenvoy.admin

  • auth.securenvoy.batch

  • auth.securenvoy.enrol

  • auth.securenvoy.radius

  • auth.securenvoy.websms

  • auth.securenvoy.syslog

Once SecurEnvoy events are delivered to Devo, they will be accessible from the Finder in tables with the same names.

For more information, read more about Devo tags.

Configuration

All SecurEnvoy events should be sent to a Devo Relay for tagging and forwarding to Devo. The events can be directed to a single port; you will set up a series of rules to identify the event types and apply the correct Devo tag to each type.

The order of rule execution is important, with the rule that identifies syslog events being the final rule. The rules that precede it identify events by values in the source message, then use the Stop Processing option to prevent further rules from running on the event. The final rule applies the auth.securenvoy.syslog tag to all events that have not met the previous rules.

The example rules below are based on port 13010 on the relay but you can use any free port you choose. Select Sent without syslog tag in all rules because the events the relay will receive do not contain syslog tags. 

Rule 1 - Radius server events

  • Source Port → 13010

  • Source Message → Radius

  • Target Tag → auth.securenvoy.radius

  • Select both Stop Processing and Sent without syslog tag

Rule 2 - Batch server events

  • Source Port → 13010

  • Source Message → Batch Server

  • Target Tag → auth.securenvoy.batch

  • Select both Stop Processing and Sent without syslog tag

Rule 3 - WebSMS Gateway events

  • Source Port → 13010

  • Source Message → WebSMS Gateway

  • Target Tag → auth.securenvoy.websms

  • Select both Stop Processing and Sent without syslog tag

 

Rule 4 - Admin events

  • Source Port → 13010

  • Source Message → admin

  • Target Tag → auth.securenvoy.admin

  • Select both Stop Processing and Sent without syslog tag

Rule 5 - Enrol events

  • Source Port → 13010

  • Source Message → enrol

  • Target Tag → auth.securenvoy.enrol

  • Select both Stop Processing and Sent without syslog tag

Rule 6 - Syslog events

  • Source Port → 13010

  • Source Message → <none>

  • Target Tag → auth.securenvoy.syslog

  • Select both Stop Processing and Sent without syslog tag

Â