Products
Solutions
Partners
Support
Company
Try Now
Pulse Secure Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

User Log event IDs

FAhmed_
New Contributor
‎05-12-2008 11:32:AM
‎05-12-2008 11:32:AM

User Log event IDs

I am trying to build a log filter that would only show me authentication logs for users signing in successfully to our SA 6000 devices. From what I see within the logs, AUT22670 seems to be the event ID that indicates this activity. However, I'm not sure because I only see a few of these events occuring in the past month. Is there a Juniper document that details event IDs along with a description of its meaning?

Thanks,
Farhan

0 Kudos
1 REPLY 1
ben_
Frequent Contributor
‎05-19-2008 11:36:PM
‎05-19-2008 11:36:PM

Re: User Log event IDs

How abouit filterin on the msg content?

In our case we have to messages indicating the sign-in process to be successfull

1.) "Primary authentication successful"...

-> But here it may happen that the user may not get mapped any roles,so the overall result will not be successfull, but anyway good to know, e.g. for troubleshooting

2.) "Login succeeded"....

The filter could look like:

msg = ("*Primary authentication successful*" OR "*Login succeeded*")

0 Kudos
© 2017 Pulse Secure, LLC. Use of this website assumes acceptance of our Legal Notices and Privacy Policy. Pulse Secure has updated its Privacy Policy effective June 28, 2017.