Created
June 23, 2023 12:07
-
-
Save ritesh/f2ff30e343567b04de62a4c68a859d4c to your computer and use it in GitHub Desktop.
Okta Syslog Schema - via https://developer.okta.com/docs/reference/api/system-log/#logevent-object-annotated-example
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
"uuid": "Randomly generated String, Required", | |
"published": "ISO8601 string for timestamp, Required", | |
"eventType": "String, Required", | |
"version": "String, Required", | |
"severity": "String, one of DEBUG, INFO, WARN, ERROR, Required", | |
"legacyEventType": "String, Optional", | |
"displayMessage": "String, Optional", | |
"actor": { | |
"id": "String, Required", | |
"type": "String, Required", | |
"alternateId": "String, Optional", | |
"displayName": "String, Optional", | |
"detailEntry": { | |
"String": "String", | |
"StringResMap": "Resource map" | |
} | |
}, | |
"client": { | |
"userAgent": { | |
"rawUserAgent": "String, Optional", | |
"os": "String, Optional", | |
"browser": "String, Optional" | |
}, | |
"geographicalContext": { | |
"geolocation": { | |
"lat": "Double, Optional", | |
"lon": "Double, Optional" | |
}, | |
"city": "String, Optional", | |
"state": "String, Optional", | |
"country": "String, Optional", | |
"postalCode": "String, Optional" | |
}, | |
"zone": "String, Optional", | |
"ipAddress": "String, Optional", | |
"device": "String, Optional", | |
"id": "String, Optional" | |
}, | |
"outcome": { | |
"result": "String, one of: SUCCESS, FAILURE, SKIPPED, ALLOW, DENY, CHALLENGE, UNKNOWN, Required", | |
"reason": "String, Optional" | |
}, | |
"target": [ | |
{ | |
"id": "String, Required", | |
"type": "String, Required", | |
"alternateId": "String, Optional", | |
"displayName": "String, Optional", | |
"detailEntry": { | |
"String": "String", | |
"StringResMap": "Resource map" | |
} | |
}, | |
{ | |
"id": "String, Required", | |
"type": "String, Required", | |
"alternateId": "String, Optional", | |
"displayName": "String, Optional", | |
"detail": { | |
"String": "String", | |
"StringResMap": "Resource map" | |
} | |
} | |
], | |
"transaction": { | |
"id": "String, Optional", | |
"type": "String one of WEB, JOB, Optional", | |
"detail": { | |
"String": "String", | |
"StringResMap": "Resource map" | |
} | |
}, | |
"debugContext": { | |
"debugData": { | |
"String": "String/Resource Map", | |
"String1": "String/Resource Map", | |
"requestUri": "/api/1/devtools/global/test/orgs/specific", | |
"originalPrincipal": { | |
"id": "00ujchcbjpltartYI0g3", | |
"type": "User", | |
"alternateId": "admin@saasure.com", | |
"displayName": "Piras Add-min" | |
} | |
} | |
}, | |
"authenticationContext": { | |
"authenticationProvider": "String one of OKTA_AUTHENTICATION_PROVIDER, ACTIVE_DIRECTORY, LDAP, FEDERATION, SOCIAL, FACTOR_PROVIDER, Optional", | |
"credentialProvider": "String one of OKTA_CREDENTIAL_PROVIDER, RSA, SYMANTEC, GOOGLE, DUO, YUBIKEY, Optional", | |
"credentialType": "String one of OTP, SMS, PASSWORD, ASSERTION, IWA, EMAIL, OAUTH2, JWT, CERTIFICATE, PRE_SHARED_SYMMETRIC_KEY, OKTA_CLIENT_SESSION, DEVICE_UDID, Optional", | |
"issuer": { | |
"id": "String, Optional", | |
"type": "String Optional" | |
}, | |
"externalSessionId": "String, Optional", | |
"interface": "String, Optional" | |
}, | |
"securityContext": { | |
"asNumber": "Integer, Optional", | |
"asOrg": "String, Optional", | |
"isp": "String, Optional", | |
"domain": "String, Optional", | |
"isProxy": "Boolean, Optional" | |
}, | |
"request": { | |
"ipChain": [ | |
{ | |
"ip": "String, Optional", | |
"geographicalContext": { | |
"geolocation": { | |
"lat": "Double, Optional", | |
"lon": "Double, Optional" | |
}, | |
"city": "String, Optional", | |
"state": "String, Optional", | |
"country": "String, Optional", | |
"postalCode": "String, Optional" | |
}, | |
"version": "String, one of V4, V6 Optional", | |
"source": "String, Optional" | |
} | |
] | |
} | |
} |
Author
ritesh
commented
Jun 23, 2023
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment