3.1 示例

管理员日志的 programname(syslog 报文中的程序名字段)包含:@adminAuditLog,例如下方示例中的 sdp-console@adminAuditLog。

完整报文示例如下:

<158>Aug 14 10:55:01 localhost sdp-console@adminAuditLog[116]: { "actor": { "id": "1", "type": "admin", "name": "admin", "displayName": "", "groupPath": "\/", "sTraceId": "7cb5da2d-861f-403a-ba3a-ec1155709973", "tags": [ ], "details": "" }, "src": { "dvc": { "os": "Windows 10" }, "geo": { "tags": [ ], "country": "内网IP", "province": "-", "city": "-", "organization": "内网IP" }, "client": { "type": "SDPBrowserClient", "browser": "Chrome\/115.0.0.0", "browserVersion": "", "httpUserAgent": "Mozilla\/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/115.0.0.0 Safari\/537.36" }, "preProxyIp": "", "ip": "1.1.1.1", "ipTags": [ ] }, "event": { "id": "f6144380-3a4d-11ee-8e1b-afac54098405", "mainType": "admin", "subType": "user.logout", "timestamp": 1691981701048, "result": "SUCCESS", "reason": "user.logout_by_self" }, "_isRisk": 0, "target": { "id": "1", "type": "admin", "name": "admin", "details": "admin: [empty] -> [empty]" }, "traceId": "01520bbd044c2037", "_logId": "4407", "vendor": { "product": "aTrust", "productType": "hybrid", "productVersion": "2.3.10", "dvcId": "A14C0E10", "sourceName": "A14C0E10", "dvcIp": "1.1.1.1" } }

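其中正文(即 syslog 头部之后的 JSON 部分)格式化后为(原始报文中的 \/ 是 JSON 对 / 的转义写法,解析后取值相同;示例中的 event.timestamp 为 13 位数值,与报文头时间对应,应为毫秒级 Unix 时间戳):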

{
    "actor": {
        "id": "1",
        "type": "admin",
        "name": "admin",
        "displayName": "",
        "groupPath": "/",
        "sTraceId": "7cb5da2d-861f-403a-ba3a-ec1155709973",
        "tags": [],
        "details": ""
    },
    "src": {
        "dvc": {
            "os": "Windows 10"
        },
        "geo": {
            "tags": [],
            "country": "内网IP",
            "province": "-",
            "city": "-",
            "organization": "内网IP"
        },
        "client": {
            "type": "SDPBrowserClient",
            "browser": "Chrome/115.0.0.0",
            "browserVersion": "",
            "httpUserAgent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"
        },
        "preProxyIp": "",
        "ip": "1.1.1.1",
        "ipTags": []
    },
    "event": {
        "id": "f6144380-3a4d-11ee-8e1b-afac54098405",
        "mainType": "admin",
        "subType": "user.logout",
        "timestamp": 1691981701048,
        "result": "SUCCESS",
        "reason": "user.logout_by_self"
    },
    "_isRisk": 0,
    "target": {
        "id": "1",
        "type": "admin",
        "name": "admin",
        "details": "admin: [empty] -> [empty]"
    },
    "traceId": "01520bbd044c2037",
    "_logId": "4407",
    "vendor": {
        "product": "aTrust",
        "productType": "hybrid",
        "productVersion": "2.3.10",
        "dvcId": "A14C0E10",
        "sourceName": "A14C0E10",
        "dvcIp": "1.1.1.1"
    }
}