dmp.pure_storage
Introduction
The tags beginning with dmp.pure_storage
identify events generated by Pure Storage.
Valid tags and data tables
The full tag must have 4 levels. The first two are fixed as dmp.pure_storage
. The third level identifies the type of events sent.
These are the valid tags and corresponding data tables that will receive the parsers' data:
Product / Service | Tags | Data tables |
---|---|---|
Pure Storage |
|
|
|
|
For more information, read more about Devo tags.
How is the data sent to Devo?
Logs generated by Pure Storage must be sent to the Devo platform via the Devo Relay to secure communication. See the required relay rules below:
Rule 1
Source port - Any available port, for example
13010
Source message -
purity.audit
Target tag -
dmp.pure_storage.purity.audit
Stop processing - ✓
Rule 2
Source port - Any available port, should be the same as rule 1, for example
13010
Target tag -
dmp.pure_storage.purity.event
Stop processing - ✓
No 3rd-party mechanism is used. No collector is needed.
Table structure
These are the fields displayed in these tables:
dmp.pure_storage.purity.audit
Field | Type | Extra fields |
---|---|---|
eventdate |
|
|
machine |
|
|
event_time |
|
|
event_host |
|
|
event_process |
|
|
event_pid |
|
|
message_id |
|
|
array_name |
|
|
controller |
|
|
interface |
|
|
module |
|
|
session |
|
|
utc_time |
|
|
user |
|
|
location |
|
|
location_ipv4 |
|
|
sublocation |
|
|
action |
|
|
method |
|
|
result |
|
|
description |
|
|
hostchain |
| ✓ |
tag |
| ✓ |
rawMessage |
| ✓ |
dmp.pure_storage.purity.event
Field | Type | Source field name | Extra fields |
---|---|---|---|
eventdate |
|
|
|
machine |
|
|
|
message |
| rawMessage |
|
hostchain |
|
| ✓ |
tag |
|
| ✓ |
rawMessage |
|
| ✓ |