IBM AIX Server sample event message
Use this sample event message to verify a successful integration with IBM QRadar.
Important: Due to formatting issues, paste the message format into a text editor and
then remove any carriage return or line feed characters.
IBM AIX Server sample message when you use the Syslog protocol
The following sample event message shows that the sshd connection is closed.
<38>Nov 21 16:19:05 ibm.aix.test sshd[7471482]: Connection closed by 10.5.88.146 [preauth]
QRadar field name | Highlighted payload field name |
---|---|
Event ID | sshd + Connection closed (extracted from the payload) |
Device Time | Nov 21 16:19:05 |
Source IP | 10.5.88.146 |