u-siem-pulsesecure
| Crates.io | u-siem-pulsesecure |
| lib.rs | u-siem-pulsesecure |
| version | 0.0.2 |
| source | src |
| created_at | 2021-04-24 14:24:50.070582+00 |
| updated_at | 2021-04-24 14:24:50.070582+00 |
| description | uSIEM PulseSecure VPN parser |
| homepage | |
| repository | https://github.com/u-siem/usiem-pulsesecure |
| max_upload_size | |
| id | 388985 |
| size | 492,985 |
Samuel Garcés Marín (SecSamDev)
documentation
README
uSIEM PulseSecure
PulseSecure parser for uSIEM
Tested in virtual appliance 9.1R10 (build 10119) in AWS.
Easy to deploy, follow https://www-prev.pulsesecure.net/download/techpubs/current/1221/pulse-connect-secure/pcs/9.0rx/ps-pcs-9.0r1-aws-deployment-guide.pdf
Event ID list
Login succeded: AUT31504 Login succeded: ADM22668 Login failed: AUT23457 Session timed out: AUT22886 Primary authentication successful: AUT24326 Primary authentication successful: AUT30684 Primary authentication failed: AUT24327 Password change failed: USR24630 User account modified: USR22898 User accounts modified: ADM20716 Super admin session created using token: ADM23452 Admin token is created for administrative logon recovery: ADM24511 Changed log event LicenseServer: ADM20603 Logon: AUT24803 Update: AUT23524 Logout: AUT22673 Logout: ADM22671 Concurrent connection limit: AUT31085