Mappings: OpenVPN Authentication Attempt
Input | Value |
---|---|
Vendor | OpenVPN |
Product | OpenVPN |
Log Format | JSON |
Event ID Regex Pattern | TLS.* |
Output | Value |
---|---|
Vendor | OpenVPN |
Product | OpenVPN |
Record Type | Authentication |
Cloud SIEM Schema Field | Original Record Key | Notes |
---|---|---|
action | action | |
cause | log_message | |
description | log_message | |
normalizedAction | None | The static text logon is populated in this schema field. |
normalizedCause | None | The static text incorrect credentials is populated in this schema field. |
srcDevice_ip | src_ip | |
srcPort | src_port | |
success | action | This is a lookup field. More info to come in the catalog later... |
user_username | username |