- play_arrow What's New for Administrators
- play_arrow Overview of JSA Administration
- play_arrow User Management
- play_arrow License Management
- play_arrow System Management
- System Management
- System Health Information
- JSA Component Types
- Data Nodes
- Network Interface Management
- JSA System Time
- NAT-Enabled Networks
- Off-site Hosts Management
- Managed Hosts
- Configuration Changes in your JSA Environment
- Deploying Changes
- Restarting the Event Collection Service
- Shutting Down a System
- Restarting a System
- Collecting Log Files
- Changing the Root Password on Your JSA Console
- Resetting SIM
- play_arrow JSA Set Up Tasks
- JSA Set Up Tasks
- Network Hierarchy
- Automatic Updates
- Manual Updates
- Configuring System settings
- IF-MAP Server Certificates
- SSL Certificates
- IPv6 Addressing in JSA Deployments
- Advanced Iptables Rules Examples
- Data Retention
- System Notifications
- Custom Offense Close Reasons
- Configuring a Custom Asset Property
- Index Management
- Restrictions to Prevent Resource-intensive Searches
- App Hosts
- Checking the Integrity Of Event and Flow Logs
- Adding Custom Actions
- Managing Aggregated Data Views
- Accessing a GLOBALVIEW Database
- play_arrow Event Data Processing in JSA
- Event Data Processing in JSA
- DSM Editor Overview
- Properties in the DSM Editor
- Property Configuration in the DSM Editor
- Opening the DSM Editor
- Configuring a Log Source Type
- Configuring Property Autodetection for Log Source Types
- Configuring Log Source Autodetection for Log Source Types
- Configuring DSM Parameters for Log Source Types
- Custom Log Source Types
- Custom Property Definitions in the DSM Editor
- Event Mapping
- Exporting Contents from the DSM Editor
- play_arrow Using Reference Data in JSA
- play_arrow User Information Source Configuration
- play_arrow Juniper Networks X-Force Integration
- play_arrow Managing Authorized Services
- play_arrow Backup and Recovery
- play_arrow Flow Sources Management
- play_arrow Remote Networks and Services Configuration
- play_arrow Server Discovery
- play_arrow Domain Segmentation
- play_arrow Multitenant Management
- Multitenant Management
- User Roles in a Multitenant Environment
- Domains and Log Sources in Multitenant Environments
- Provisioning a New Tenant
- Monitoring License Usage in Multitenant Deployments
- Rules Management in Multitenant Deployments
- Network Hierarchy Updates in a Multitenant Deployment
- Retention Policies for Tenants
- play_arrow Asset Management
- play_arrow Configuring JSA to Forward Data to Other Systems
- Forward Data to Other Systems
- Adding Forwarding Destinations
- Configuring Forwarding Profiles
- Configuring Routing Rules to Forward Data
- Using Custom Rules and Rule Responses to Forward Data
- Configuring Routing Rules to Use the JSA Data Store
- Viewing Forwarding Destinations
- Viewing and Managing Forwarding Destinations
- Viewing and Managing Routing Rules
- play_arrow Event Store and Forward
- play_arrow Security Content
- play_arrow SNMP Trap Configuration
- play_arrow Protect Sensitive Data
- play_arrow Log Files
- play_arrow Common Ports and Servers Used by JSA
- play_arrow RESTful API
Audit
The audit category contains events that are related to audit activity, such as email or FTP activity.
The following table describes the low-level event categories and associated severity levels for the audit category.
Low-level event category | Category ID | Description | Severity level (0 - 10) |
|---|---|---|---|
General Audit Event | 19001 | Indicates that a general audit event was started. | 1 |
Built-in Execution | 19002 | Indicates that a built-in audit task was run. | 1 |
Bulk Copy | 19003 | Indicates that a bulk copy of data was detected. | 1 |
Data Dump | 19004 | Indicates that a data dump was detected. | 1 |
Data Import | 19005 | Indicates that a data import was detected. | 1 |
Data Selection | 19006 | Indicates that a data selection process was detected. | 1 |
Data Truncation | 19007 | Indicates that the data truncation process was detected. | 1 |
Data Update | 19008 | Indicates that the data update process was detected. | 1 |
Procedure/Trigger Execution | 19009 | Indicates that the database procedure or trigger execution was detected. | 1 |
Schema Change | 19010 | Indicates that the schema for a procedure or trigger execution was altered. | 1 |
Create Activity Attempted | 19011 | Indicates that creating activity was attempted. | 1 |
Create Activity Succeeded | 19012 | Indicates that creating activity was successful. | 1 |
Create Activity Failed | 19013 | Indicates that creating activity failed. | 3 |
Read Activity Attempted | 19014 | Indicates that a reading activity was attempted. | 1 |
Read Activity Succeeded | 19015 | Indicates that a reading activity was successful. | 1 |
Read Activity Failed | 19016 | Indicates that reading activity failed. | 3 |
Update Activity Attempted | 19017 | Indicates that updating activity was attempted. | 1 |
Update Activity Succeeded | 19018 | Indicates that updating activity was successful. | 1 |
Update Activity Failed | 19019 | Indicates that updating activity failed. | 3 |
Delete Activity Attempted | 19020 | Indicates that deleting activity was attempted. | 1 |
Delete Activity Succeeded | 19021 | Indicates that deleting activity was successful. | 1 |
Delete Activity Failed | 19022 | Indicates that deleting activity failed. | 3 |
Backup Activity Attempted | 19023 | Indicates that backup activity was attempted. | 1 |
Backup Activity Succeeded | 19024 | Indicates that backup activity was successful. | 1 |
Backup Activity Failed | 19025 | Indicates that backup activity failed. | 3 |
Capture Activity Attempted | 19026 | Indicates that capturing activity was attempted. | 1 |
Capture Activity Succeeded | 19027 | Indicates that capturing activity was successful. | 1 |
Capture Activity Failed | 19028 | Indicates that capturing activity failed. | 3 |
Configure Activity Attempted | 19029 | Indicates that configuration activity was attempted. | 1 |
Configure Activity Succeeded | 19030 | Indicates that configuration activity was successful. | 1 |
Configure Activity Failed | 19031 | Indicates that configuration activity failed. | 3 |
Deploy Activity Attempted | 19032 | Indicates that deployment activity was attempted. | 1 |
Deploy Activity Succeeded | 19033 | Indicates that deployment activity was successful. | 1 |
Deploy Activity Failed | 19034 | Indicates that deployment activity failed. | 3 |
Disable Activity Attempted | 19035 | Indicates that disabling activity was attempted. | 1 |
Disable Activity Succeeded | 19036 | Indicates that disabling activity was successful. | 1 |
Disable Activity Failed | 19037 | Indicates that disabling activity failed. | 3 |
Enable Activity Attempted | 19038 | Indicates that enabling activity was attempted. | 1 |
Enable Activity Succeeded | 19039 | Indicates that enabling activity was successful. | 1 |
Enable Activity Failed | 19040 | Indicates that enabling activity failed. | 3 |
Monitor Activity Attempted | 19041 | Indicates that monitoring activity was attempted. | 1 |
Monitor Activity Succeeded | 19042 | Indicates that monitoring activity was successful. | 1 |
Monitor Activity Failed | 19043 | Indicates that monitoring activity failed. | 3 |
Restore Activity Attempted | 19044 | Indicates that restoring activity was attempted. | 1 |
Restore Activity Succeeded | 19045 | Indicates that restoring activity was successful. | 1 |
Restore Activity Failed | 19046 | Indicates that restoring activity failed. | 3 |
Start Activity Attempted | 19047 | Indicates that starting activity was attempted. | 1 |
Start Activity Succeeded | 19048 | Indicates that starting activity was successful. | 1 |
Start Activity Failed | 19049 | Indicates that starting activity failed. | 3 |
Stop Activity Attempted | 19050 | Indicates that stopping activity was attempted. | 1 |
Stop Activity Succeeded | 19051 | Indicates that stopping activity was successful. | 1 |
Stop Activity Failed | 19052 | Indicates that stopping activity failed. | 3 |
Undeploy Activity Attempted | 19053 | Indicates that undeploy activity was attempted. | 1 |
Undeploy Activity Succeeded | 19054 | Indicates that undeploy activity was successful. | 1 |
Undeploy Activity Failed | 19055 | Indicates that undeploy activity failed. | 3 |
Receive Activity Attempted | 19056 | Indicates that receiving activity was attempted. | 1 |
Receive Activity Succeeded | 19057 | Indicates that receiving activity was successful. | 1 |
Receive Activity Failed | 19058 | Indicates that receiving activity failed | 3 |
Send Activity Attempted | 19059 | Indicates that sending activity was attempted. | 1 |
Send Activity Succeeded | 19060 | Indicates that sending activity was successful. | 1 |
Send Activity Failed | 19061 | Indicates that sending activity failed. | 3 |
