test_system_event_10_json.json
{
"input": {
"message": "{\"ConfigVersion\": \"10.1\",\"DGHierarchyLevel1\": 0,\"DGHierarchyLevel2\": 0,\"DGHierarchyLevel3\": 0,\"DGHierarchyLevel4\": 0,\"DeviceGroup\": null,\"EventComponent\": null,\"EventDescription\": \"Successfully connect to address: 5.6.7.8 port: 3978, conn id: triallr-5.6.7.8-2-def\",\"EventName\": \"general\",\"EventTime\": \"2023-02-03T16:31:56.000000Z\",\"LogSourceID\": \"007954000351998\",\"LogSourceName\": \"PA-VM\",\"LogTime\": \"2023-02-03T16:32:07.000000Z\",\"LogType\": \"SYSTEM\",\"SequenceNo\": 7195838274152170508,\"Subtype\": \"general\",\"Template\": null,\"TimeGeneratedHighResolution\": \"2023-02-03T16:31:56.151000Z\",\"VendorSeverity\": \"Informational\",\"VirtualLocation\": \"\",\"VirtualSystemName\": null}"
},
"expected": {
"message": "{\"ConfigVersion\": \"10.1\",\"DGHierarchyLevel1\": 0,\"DGHierarchyLevel2\": 0,\"DGHierarchyLevel3\": 0,\"DGHierarchyLevel4\": 0,\"DeviceGroup\": null,\"EventComponent\": null,\"EventDescription\": \"Successfully connect to address: 5.6.7.8 port: 3978, conn id: triallr-5.6.7.8-2-def\",\"EventName\": \"general\",\"EventTime\": \"2023-02-03T16:31:56.000000Z\",\"LogSourceID\": \"007954000351998\",\"LogSourceName\": \"PA-VM\",\"LogTime\": \"2023-02-03T16:32:07.000000Z\",\"LogType\": \"SYSTEM\",\"SequenceNo\": 7195838274152170508,\"Subtype\": \"general\",\"Template\": null,\"TimeGeneratedHighResolution\": \"2023-02-03T16:31:56.151000Z\",\"VendorSeverity\": \"Informational\",\"VirtualLocation\": \"\",\"VirtualSystemName\": null}",
"event": {
"category": [
"host"
],
"dataset": "system",
"reason": "Successfully connect to address: 5.6.7.8 port: 3978, conn id: triallr-5.6.7.8-2-def",
"type": [
"info"
]
},
"@timestamp": "2023-02-03T16:31:56Z",
"action": {
"type": "general"
},
"destination": {
"address": "5.6.7.8",
"ip": "5.6.7.8",
"port": 3978
},
"host": {
"name": "PA-VM"
},
"log": {
"level": "Informational",
"logger": "system"
},
"observer": {
"product": "PAN-OS"
},
"paloalto": {
"DGHierarchyLevel1": "0",
"DGHierarchyLevel2": "0",
"DGHierarchyLevel3": "0",
"DGHierarchyLevel4": "0",
"Threat_ContentType": "general"
},
"related": {
"ip": [
"5.6.7.8"
]
}
}
}