CyberArk Identity sample event message

Use this sample event message as a way of verifying a successful integration with QRadar®.

The following sample event message shows a user login attempt when you use the Centrify Redrock REST API protocol for the CyberArk Identity DSM:

{"RequestIsMobileDevice": false,"AuthMethod": "MultiAuth","Level": "Error","UserGuid": "c2c7bcc6-9560-44e0-8dff-5be221cd37ee","Mechanism": "EMail","Tenant": "AAM0428","FromIPAddress": "<IP_address>","ID": "772c2e1908a4f11b.W03.c5ab.a936852233b2232d","RequestDeviceOS": "Windows","EventType": "Cloud.Core.Login.MultiFactorChallenge","RequestHostName": "192.0.2.1","ThreadType": "RestCall","UserName": "username@example.com","NormalizedUser": "username@example.com","WhenLogged": "/Date(1472679431199)/","WhenOccurred": "/Date(1472679431199)/","Target": "username@example.com"}