Version:

Expected Log Sample

JSON

<14>Jul 30 09:13:09 MH-LP.local Authentication_Backend_Service_(Forwarded): {"EventTime":"2018-07-19 09:13:09","Hostname":"MH-LP.local","Keywords":45035996273704960,"EventType":"AUDIT_SUCCESS","SeverityValue":2,"Severity":"INFO","EventID":6050,"SourceName":"Authentication Backend Service (Forwarded)","Task":17,"RecordNumber":11111,"ExecutionProcessID":0,"ExecutionThreadID":0,"Channel":"SmsCL","Message":"Event description:\r\n\tEvent type:\t\t\tAuthentication request\r\n\tOccured at:\t\t\t7/19/2018 9:13:09 AM\r\n\tResult:\t\t\t\tSuccess\r\n\tPasscode type:\t\t\tSession-specific OTP\r\n\tSession ID:\t\t\t901a1aaa-1111-1111-1a1a-11a1111aa111 [created: 19-07-2018 09:12:59]\r\n\r\nAuthentication request source:\r\n\tLogin:\t\t\t\tcoj\r\n\tUser:\t\t\t\tBob[lp\\cj]\r\n\tEnd-user IP:\t\t\t192.168.21.210\r\n\t\t\t\t\tCountry:\t\tABC\r\n\t\t\t\t\tOrganization:\tLP ABC\r\n\t\t\t\t\tCategory:\tNon-trusted\r\n\tClient  (message requester):\t10.1.4.20 [hst-ad01]\r\n\tClient type:\t\t\tRADIUS\r\n\tAuth. backend server:\t\t10.1.4.80 [mh-smsplb01]\r\n\r\nPolicies applied:\r\n\tAuthentication Policy:\t\tMiracle (default rule)\r\n\tPasscode Policy:\t\t\tDefault Passcode Policy\r\n\tDispatch Policy:\t\t\tDP - SMS sec-first\r\n\r\nSettings of the applied Authentication Policy rule:\r\n\tDescription:\t\t\tDefault Authentication Rule\r\n\tAccess:\t\t\t\tAllow access, use MFA\r\n\r\nDispatch Policy rule evaluation history:\r\n\tRule #1:\t\t\t\tApplied - dispatch target missing on the user.\r\n\t\t\t\t\tDispatch type:\tSMS using modem group 'All modems'\r\n\tDefault rule:\t\t\tApplied - a passcode message was sent successfully.\r\n\t\t\t\t\tDispatch type:\tSMS using modem group 'All modems'\r\n\t\t\t\t\tDispatch target:\t+4512345\r\n\t\t\t\t\tTransmitter:\tm-smslp01\r\n\t\t\t\t\tModem:\t\tCOM3","Category":"Authentication","Opcode":"Info","EventData":"<Data>Event description:\r\n\tEvent type:\t\t\tAuthentication request\r\n\tOccured at:\t\t\t7/19/2018 9:13:09 AM\r\n\tResult:\t\t\t\tSuccess\r\n\tPasscode type:\t\t\tSession-specific OTP\r\n\tSession ID:\t\t\t905a5cbb-1111-1111-1a1a-11a1111aa111 [created: 19-07-2018 09:12:59]\r\n\r\nAuthentication request source:\r\n\tLogin:\t\t\t\tcoj\r\n\tUser:\t\t\t\tBob [lp\\cj]\r\n\tEnd-user IP:\t\t\t192.168.21.210\r\n\t\t\t\t\tCountry:\t\tABC\r\n\t\t\t\t\tOrganization:\tLP ABC\r\n\t\t\t\t\tCategory:\tNon-trusted\r\n\tClient  (message requester):\t10.1.4.20 [hst-ad01]\r\n\tClient type:\t\t\tRADIUS\r\n\tAuth. backend server:\t\t10.1.4.80 [mh-smslp01]\r\n\r\nPolicies applied:\r\n\tAuthentication Policy:\t\tMiracle (default rule)\r\n\tPasscode Policy:\t\t\tDefault Passcode Policy\r\n\tDispatch Policy:\t\t\tDP - SMS sec-first\r\n\r\nSettings of the applied Authentication Policy rule:\r\n\tDescription:\t\t\tDefault Authentication Rule\r\n\tAccess:\t\t\t\tAllow access, use MFA\r\n\r\nDispatch Policy rule evaluation history:\r\n\tRule #1:\t\t\t\tApplied - dispatch target missing on the user.\r\n\t\t\t\t\tDispatch type:\tSMS using modem group 'All modems'\r\n\tDefault rule:\t\t\tApplied - a passcode message was sent successfully.\r\n\t\t\t\t\tDispatch type:\tSMS using modem group 'All modems'\r\n\t\t\t\t\tDispatch target:\t+4553747281\r\n\t\t\t\t\tTransmitter:\tmh-smspmgw01\r\n\t\t\t\t\tModem:\t\tCOM3</Data>","EventReceivedTime":"2018-07-19 09:13:10","SourceModuleName":"wineventlog_in","SourceModuleType":"im_msvistalog"}
Helpful?

We are glad this guide helped.


Please don't include any personal information in your comment

Contact Support