test_event_reason.json

{
  "input": {
    "message": "1,2024/10/25 16:04:52,024101011111,SYSTEM,userid,2522,2024/10/25 16:04:52,,connect-server-monitor-failure,,0,0,general,high,\"User-ID server monitor test05(vsystest) Access denied\",7389706522298800000,0x0,0,0,0,0,,FFFFF01,0,0,2024-10-25T16:04:52.574+02:00",
    "sekoiaio": {
      "intake": {
        "dialect": "Palo Alto NGFW",
        "dialect_uuid": "903ec1b8-f206-4ba5-8563-db21da09cafd"
      }
    }
  },
  "expected": {
    "message": "1,2024/10/25 16:04:52,024101011111,SYSTEM,userid,2522,2024/10/25 16:04:52,,connect-server-monitor-failure,,0,0,general,high,\"User-ID server monitor test05(vsystest) Access denied\",7389706522298800000,0x0,0,0,0,0,,FFFFF01,0,0,2024-10-25T16:04:52.574+02:00",
    "event": {
      "category": [
        "network"
      ],
      "dataset": "system",
      "reason": "User-ID server monitor test05(vsystest) Access denied",
      "type": [
        "info"
      ]
    },
    "@timestamp": "2024-10-25T14:04:52.574000Z",
    "action": {
      "name": "connect-server-monitor-failure",
      "type": "userid"
    },
    "host": {
      "name": "test05"
    },
    "log": {
      "hostname": "FFFFF01",
      "level": "high",
      "logger": "system"
    },
    "observer": {
      "name": "FFFFF01",
      "product": "PAN-OS",
      "serial_number": "024101011111"
    },
    "paloalto": {
      "DGHierarchyLevel1": "0",
      "DGHierarchyLevel2": "0",
      "DGHierarchyLevel3": "0",
      "DGHierarchyLevel4": "0",
      "EventID": "connect-server-monitor-failure",
      "Threat_ContentType": "userid",
      "vsys": "vsystest"
    }
  }
}