<< PREVIOUS                         NEXT >>

 

LOGIN AND LOGOUT EVENTS

 

CMS USER LOGGED IN SUCCESSFULLY

  1. Code: 117

  2. Brief Description: CMS User Login Successful

  3. Provided Information:

    1. IP Address of the user

    2. Role of the user

    3. Logged in timestamp

    4. Realm – Local or LDAP

    5. Username

  4. Sample log message:

    1. CEF format 

       

      Jul  6 12:22:31 10.16.6.4 CEF: 1|Virsec Security Platform|Virsec|1.3.0|117|CMS User Login Successful|8|src=10.16.6.4 role=Super Admin login_at=06 Jul 2020 04:23:36 PM UTC realm=LOCAL [email protected] msg=User [email protected] succeeded in authentication.

    2. CEF - Fixed Key Definition format

       

      Sep  7 09:48:43 10.16.6.4 CEF: 1|Virsec Security Platform|Virsec|1.4.0|117|CMS User Login Successful|8|cs1Label=src cs1=10.16.6.4 cs2Label=role cs2=Super Admin cs3Label=login_at cs3=07 Sep 2020 01:50:11 PM UTC cs4Label=realm cs4=LOCAL cs5Label=username [email protected] cs6Label=msg cs6=User [email protected] succeeded in authentication.

 

CMS USER LOGGED OUT SUCCESSFULLY

  1. Code: 118

  2. Brief Description: CMS User Logout Successful

  3. Provided Information:

    1. IP Address of the user

    2. Role of the user

    3. Logged out timestamp

    4. Realm – Local or LDAP

    5. Username

  4. Sample log message:

    1. CEF format

       

      Jul 20 03:35:53 10.16.6.4 CEF: 1|Virsec Security Platform|Virsec|1.3.0|118|CMS User Logout Successful|8|src=10.16.6.4 role=Super Admin realm=LOCAL logout_at=20 Jul 2020 07:36:41 AM UTC [email protected] msg=User [email protected] logout succeeded.

    2. CEF - Fixed Key Definition format

       

      Sep  7 09:41:03 10.16.6.4 CEF: 1|Virsec Security Platform|Virsec|1.4.0|118|CMS User Logout Successful|8|cs1Label=src cs1=10.16.6.4 cs2Label=role cs2=Super Admin cs3Label=realm cs3=LOCAL cs4Label=logout_at cs4=07 Sep 2020 01:42:31 PM UTC cs5Label=username [email protected] cs6Label=msg cs6=User [email protected] logout succeeded.

 

 

CMS USER LOGGED IN UNSUCCESSFUL

  1. Code: 119

  2. Brief Description: CMS User Login Unsuccessful

  3. Provided Information:

    1. IP Address of the user

    2. Role of the user

    3. Realm – Local or LDAP

    4. Failed at timestamp

    5. Reason

    6. Username

    7. Detailed Message

  4. Sample log message:

    1. CEF format 

       

      Jul 20 03:37:31 10.16.6.4 CEF: 1|Virsec Security Platform|Virsec|1.3.0|119|CMS User Login Unsuccessful|5|src=10.16.6.4 role=Super Admin realm=LOCAL failed_at=20 Jul 2020 07:38:20 AM UTC reason=Invalid username or password. [email protected] msg=User [email protected] failed in authentication.

       

    2. CEF - Fixed Key Definition format

       

      Sep  7 09:42:17 10.16.6.4 CEF: 1|Virsec Security Platform|Virsec|1.4.0|119|CMS User Login Unsuccessful|5|cs1Label=src cs1=10.16.6.4 cs2Label=role cs2=Super Admin cs3Label=realm cs3=LOCAL cs4Label=failed_at cs4=07 Sep 2020 01:43:45 PM UTC cs5Label=reason cs5=Invalid username or password. cs6Label=username [email protected] cs7Label=msg cs7=User [email protected] failed in authentication.

 

<< PREVIOUS   NEXT >>