BeyondTrust PowerBroker sample event message

Use this sample event messages as a way of verifying a successful integration with QRadar®.

The following table provides a sample event message for the BeyondTrust PowerBroker DSM:

Table 1. BeyondTrust PowerBroker sample syslog message
Event name Low level category Sample log message
Finish pbrun terminated Information
<14>Feb 15 13:23:09 qradar4292 pbforwarder.pl: DEVICETYPE = PowerBroker	EVENTID = PB	EVENTCAT = unknown	DDATE = 	USER = 	SRC = 	DST = 	EVENT_HEADER = ac15208e4eaddffb1BB002 Finish pbrun terminated: signal 1 (Hangup) unknown signal code	event = "Finish"	exitdate = "2011/10/30"	exitstatus = "pbrun terminated: signal 1 (Hangup) unknown signal code"	exittime = "21:01:49"	i18n_exitdate = "10/30/11"	i18n_exittime = "21:01:49"	logpid = 22085786	uniqueid = "ac15208e4eaddffb1BB002"