auth.securenvoy

The tags beginning with auth.securenvoy identify log events generated by SecurEnvoy SecurAccess. These tags were tested using SecurEnvoy version 9.3.502.

Tag structure

The full tag must have three levels. The first two are fixed as auth.securenvoy. The third level identifies the event type and must be one of admin, batch, enrol, radius, websms, or syslog. The fourth level is not used.

Technology	Brand	Type	Subtype
auth	securenvoy	admin batch enrol radius websms syslog	Not used

Therefore, the valid tags include:

auth.securenvoy.admin
auth.securenvoy.batch
auth.securenvoy.enrol
auth.securenvoy.radius
auth.securenvoy.websms
auth.securenvoy.syslog

Once SecurEnvoy events are delivered to Devo, they will be accessible from the Finder in tables with the same names.

For more information, read more about Devo tags.

Configuration

All SecurEnvoy events should be sent to a Devo Relay for tagging and forwarding to Devo. The events can be directed to a single port; you will set up a series of rules to identify the event types and apply the correct Devo tag to each type.

The order of rule execution is important, with the rule that identifies syslog events being the final rule. The rules that precede it identify events by values in the source message, then use the Stop Processing option to prevent further rules from running on the event. The final rule applies the auth.securenvoy.syslog tag to all events that have not met the previous rules.

The example rules below are based on port 13010 on the relay but you can use any free port you choose. Select Sent without syslog tag in all rules because the events the relay will receive do not contain syslog tags.