Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊
| Attribute | Value |
|---|---|
| Ingestion API Supported | ✓ Yes |
Source: Connector definition
| Column Name | Type | Description |
|---|---|---|
| AnyConnectVersion | string | The version of the Cisco Secure Client with the VPN module. |
| AsaSyslogClass | string | The syslog message class categorizes syslog messages by type, representing a device's feature or function. |
| AsaSyslogDescriptor | string | The syslog message format typically includes a timestamp, a hostname or IP address, facility code, severity level, and the actual log message content, all of which are used for system logging and analysis. |
| AsaSyslogId | string | The ID of the Cisco ASA syslog used to generate this log event. |
| AssignedIp | string | The IP address assigned to the device with the Cisco Secure Client and VPN module. |
| AssignedIpv6 | string | The IP v6 address assigned to the device with the Cisco Secure Client and VPN module. |
| AwsRegion | string | The AWS region that stores your VPN logs. |
| ConnectedAt | string | The date and time of the start of the initial CONNECTED VPN event for a DISCONNECTED event expressed in milliseconds as a UTC-formatted string. |
| DapConnectionType | string | The RAVPN session connection type. |
| DapRecordName | string | The posture profile assessed by Cisco Secure Client HostScan. |
| DeviceId | string | The ID of the device with the Cisco Secure Client and VPN module. |
| DisconnectionReason | string | The description of the VPN disconnected event. The value is null for other event types. |
| EventType | string | The label that describes the type of event. Valid values are: CONNECTED, DISCONNECTED, FAILED, or UNKNOWN. |
| FailedReasons | dynamic | The error codes for failed remote connection requests. |
| HostName | string | The name of the node on the Cisco headend side where user VPN connections are established and events are generated. |
| LogMessage | string | Log message details communications between devices involved in 802.1X port-based network access. This message is used to troubleshoot issues with authentication, authorization, and accounting (AAA) processes, including RADIUS servers. |
| MachineId | string | The ID of the client machine used for authentication. |
| MspOrganizationId | string | The Secure Access managed organization ID. |
| OrganizationId | string | The Secure Access organization ID. |
| OriginIds | dynamic | The internal IP address of the device that connected to the Secure Access remote VPN services. |
| OriginType | string | The type of device connected to the Secure Access VPN services. |
| OsVersion | string | The type and version of the user device's operating system. |
| PublicIp | string | The public IP address of the device with the Cisco Secure Client and VPN module. |
| PublicIpv6 | string | The public IP v6 address of the device with the Cisco Secure Client and VPN module. |
| RetentionDays | string | The number of days that AWS S3 stores your Secure Access VPN log. |
| SecurityGroupTag | string | Security group tag matched as a source by a rule. |
| SessionId | string | The unique ID of the VPN session. |
| SessionType | string | The protocol used by the device with the VPN session, for example: TLS. |
| StorageLocation | string | The two-character label that identifies the location of your Cisco-managed VPN logs. Configure the storage location on Secure Access for your organization. The storage location options are: eu or us. |
| TimeGenerated | datetime | |
| Timestamp | string | The date and time of the RAVPN event, expressed as a UTC-formatted string. |
| UserId | string | The ID of the VPN user. The ID is the email address associated with the user account. |
| VpnProfile | string | The name of the VPN connection profile that establishes a VPN session. |
This table is used by the following solutions:
This table is ingested by the following connectors:
| Connector | Selection Criteria |
|---|---|
| Cisco Umbrella (via Codeless Connector Framework) | |
| Cisco Cloud Security | |
| Cisco Cloud Security (using elastic premium plan) |
GitHub Only:
In solution CiscoUmbrella:
In solution CiscoUmbrella:
| Workbook | Selection Criteria |
|---|---|
| CiscoUmbrella |
| Parser | Solution | Selection Criteria |
|---|---|---|
| Cisco_Umbrella | CiscoUmbrella |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊