Document toolboxDocument toolbox

auth.securenvoy

The tags beginning with auth.securenvoy identify log events generated by the SecurEnvoy platform.

Tag structure

The full tag must have 3 levels. The first two are fixed as auth.securenvoy. The third level identifies the type of events sent.

These are the valid tags and corresponding data tables that will receive the parsers' data:

Product / Service

Tags

Data tables

Product / Service

Tags

Data tables

SecurIdentity platform

auth.securenvoy.admin

auth.securenvoy.admin

auth.securenvoy.batch

auth.securenvoy.batch

auth.securenvoy.enrol

auth.securenvoy.enrol

auth.securenvoy.radius

auth.securenvoy.radius

auth.securenvoy.syslog

auth.securenvoy.syslog

auth.securenvoy.websms

auth.securenvoy.websms

Once SecurEnvoy events are delivered to Devo, they will be accessible from the finder in tables with the same names.

For more information, read more about Devo tags.

How is the data sent to Devo?

All SecurEnvoy events should be sent to a Devo Relay for tagging and forwarding to Devo. The events can be directed to a single port; you will set up a series of rules to identify the event types and apply the correct Devo tag to each type.

The order of rule execution is important, with the rule that identifies syslog events being the final rule. The rules that precede it identify events by values in the source message, then use the Stop processing option to prevent further rules from running on the event. The final rule applies the auth.securenvoy.syslog tag to all events that have not met the previous rules.

The example rules below are based on port 13010 on the relay but you can use any free port you choose. Select Sent without syslog tag in all rules because the events the relay will receive do not contain syslog tags.

Rule 1 - Radius server events

  • Source port  13010

  • Source message  Radius

  • Target tag  auth.securenvoy.radius

  • Select both Stop processing and Sent without syslog tag

Rule 2 - Batch server events

  • Source port  13010

  • Source message  Batch Server

  • Target tag  auth.securenvoy.batch

  • Select both Stop processing and Sent without syslog tag

Rule 3 - WebSMS Gateway events

  • Source port  13010

  • Source message  WebSMS Gateway

  • Target tag  auth.securenvoy.websms

  • Select both Stop processing and Sent without syslog tag

Rule 4 - Admin events

  • Source port  13010

  • Source message  admin

  • Target tag  auth.securenvoy.admin

  • Select both Stop processing and Sent without syslog tag

Rule 5 - Enrol events

  • Source port  13010

  • Source message  enrol

  • Target tag  auth.securenvoy.enrol

  • Select both Stop processing and Sent without syslog tag

Rule 6 - Syslog events

  • Source port  13010

  • Source message  <none>

  • Target tag  auth.securenvoy.syslog

  • Select both Stop processing and Sent without syslog tag

Table structure

These are the fields displayed in these tables: