Skip to content

Latest commit

 

History

History
22 lines (20 loc) · 839 Bytes

pC_beyondtrustpasswordsafejsonapplogoutsuccesslogout.md

File metadata and controls

22 lines (20 loc) · 839 Bytes

Parser Content

{
Name = beyondtrust-passwordsafe-json-app-logout-success-logout
  Vendor = BeyondTrust
  Product = BeyondInsight
  TimeFormat = "MM/dd/yyyy HH:mm:ss a"
  Conditions = [ """"vendor":"BeyondTrust"""", """"category":"Logout"""", """"product":"BeyondInsight"""", """"systemname":"Logout"""" ]
  Fields = [
    """"host":"({host}[^"]+)"""",
    """"createdate":"({time}\d{1,2}\/\d{1,2}\/\d\d\d\d\s\d{1,2}:\d{1,2}:\d{1,2}\s\w{1,2})"""",
    """"username":"(({domain}[^\"]+)\\+)?({user}[^"]+)"""",
    """"(sourceip|ipaddress)":"({src_ip}((([0-9a-fA-F.]{1,4}):{1,2}){7}([0-9a-fA-F]){1,4})|(((25[0-5]|(2[0-4]|1\d|[0-9]|)\d)\.?\b){4}))(:({src_port}\d+))?"""",
    """"sourcehost":"({src_host}[^"]+)"""",
    """"({app}BeyondInsight)"""",
    """"category":"({event_name}[^"]+)""""
  ]
  ParserVersion = "v1.0.0"


}