Die vorliegende Übersetzung wurde maschinell erstellt. Im Falle eines Konflikts oder eines Widerspruchs zwischen dieser übersetzten Fassung und der englischen Fassung (einschließlich infolge von Verzögerungen bei der Übersetzung) ist die englische Fassung maßgeblich.
Beispiele für O microSD Version 0.1
Im Folgenden finden Sie Beispielprotokolle, die die O microSD-Standardprotokollierung Version 0.1 verwenden.
Beispiele
Zugriff mit OIDC gewährt
In diesem Beispielprotokolleintrag ermöglicht Verified Access den Zugriff auf einen Endpunkt mit einem OIDC-Benutzervertrauensanbieter.
{ "activity": "Access Granted", "activity_id": "1", "category_name": "Application Activity", "category_uid": "8", "class_name": "Access Logs", "class_uid": "208001", "device": { "ip": "10.2.7.68", "type": "Unknown", "type_id": 0 }, "duration": "0.004", "end_time": "1668580194344", "time": "1668580194344", "http_request": { "http_method": "GET", "url": { "hostname": "hello.app.example.com", "path": "/", "port": 443, "scheme": "https", "text": "https://hello.app.example.com:443/" }, "user_agent": "python-requests/2.28.1", "version": "HTTP/1.1" }, "http_response": { "code": 200 }, "identity": { "authorizations": [ { "decision": "Allow", "policy": { "name": "inline" } } ], "idp": { "name": "user", "uid": "vatp-09bc4cbce2EXAMPLE" }, "user": { "email_addr": "johndoe@example.com", "name": "Test User Display", "uid": "johndoe@example.com", "uuid": "00u6wj48lbxTAEXAMPLE" } }, "message": "", "metadata": { "uid": "Root=1-63748362-6408d24241120b942EXAMPLE", "logged_time": 1668580281337, "version": "0.1", "product": { "name": "Verified Access", "vendor_name": "AWS" } }, "ref_time": "2022-11-16T06:29:54.344948Z", "proxy": { "ip": "192.168.34.167", "port": 443, "svc_name": "Verified Access", "uid": "vai-002fa341aeEXAMPLE" }, "severity": "Informational", "severity_id": "1", "src_endpoint": { "ip": "172.24.57.68", "port": "48234" }, "start_time": "1668580194340", "status_code": "100", "status_details": "Access Granted", "status_id": "1", "status": "Success", "type_uid": "20800101", "type_name": "AccessLogs: Access Granted", "unmapped": null }
Zugriff mit OIDC und JAMF gewährt
In diesem Beispielprotokolleintrag ermöglicht Verified Access den Zugriff auf einen Endpunkt sowohl mit OIDC- als auch mit JAMF-Gerätevertrauensanbietern.
{ "activity": "Access Granted", "activity_id": "1", "category_name": "Application Activity", "category_uid": "8", "class_name": "Access Logs", "class_uid": "208001", "device": { "ip": "10.2.7.68", "type": "Unknown", "type_id": 0, "uid": "41b07859-4222-4f41-f3b9-97dc1EXAMPLE" }, "duration": "0.347", "end_time": "1668804944086", "time": "1668804944086", "http_request": { "http_method": "GET", "url": { "hostname": "hello.app.example.com", "path": "/", "port": 443, "scheme": "h2", "text": "https://hello.app.example.com:443/" }, "user_agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36", "version": "HTTP/2.0" }, "http_response": { "code": 304 }, "identity": { "authorizations": [ { "decision": "Allow", "policy": { "name": "inline" } } ], "idp": { "name": "oidc", "uid": "vatp-9778003bc2EXAMPLE" }, "user": { "email_addr": "johndoe@example.com", "name": "Test User Display", "uid": "johndoe@example.com", "uuid": "4f040d0f96becEXAMPLE" } }, "message": "", "metadata": { "uid": "Root=1-321318ce-6100d340adf4fb29dEXAMPLE", "logged_time": 1668805278555, "version": "0.1", "product": { "name": "Verified Access", "vendor_name": "AWS" } }, "ref_time": "2022-11-18T20:55:44.086480Z", "proxy": { "ip": "10.5.192.96", "port": 443, "svc_name": "Verified Access", "uid": "vai-3598f66575EXAMPLE" }, "severity": "Informational", "severity_id": "1", "src_endpoint": { "ip": "192.168.20.246", "port": 61769 }, "start_time": "1668804943739", "status_code": "100", "status_details": "Access Granted", "status_id": "1", "status": "Success", "type_uid": "20800101", "type_name": "AccessLogs: Access Granted", "unmapped": null }
Zugriff gewährt mit OIDC und CrowdStrike
In diesem Beispielprotokolleintrag ermöglicht Verified Access den Zugriff auf einen Endpunkt sowohl mit OIDC CrowdStrike- als auch mit Gerätevertrauensanbietern.
{ "activity": "Access Granted", "activity_id": "1", "category_name": "Application Activity", "category_uid": "8", "class_name": "Access Logs", "class_uid": "208001", "device": { "ip": "10.2.173.3", "os": { "name": "Windows 11", "type": "Windows", "type_id": 100 }, "type": "Unknown", "type_id": 0, "uid": "122978434f65093aee5dfbdc0EXAMPLE", "hw_info": { "serial_number": "751432a1-d504-fd5e-010d-5ed11EXAMPLE" } }, "duration": "0.028", "end_time": "1668816620842", "time": "1668816620842", "http_request": { "http_method": "GET", "url": { "hostname": "test.app.example.com", "path": "/", "port": 443, "scheme": "h2", "text": "https://test.app.example.com:443/" }, "user_agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36", "version": "HTTP/2.0" }, "http_response": { "code": 304 }, "identity": { "authorizations": [ { "decision": "Allow", "policy": { "name": "inline" } } ], "idp": { "name": "oidc", "uid": "vatp-506d9753f6EXAMPLE" }, "user": { "email_addr": "johndoe@example.com", "name": "Test User Display", "uid": "johndoe@example.com", "uuid": "23bb45b16a389EXAMPLE" } }, "message": "", "metadata": { "uid": "Root=1-c16c5a65-b641e4056cc6cb0eeEXAMPLE", "logged_time": 1668816977134, "version": "0.1", "product": { "name": "Verified Access", "vendor_name": "AWS" } }, "ref_time": "2022-11-19T00:10:20.842295Z", "proxy": { "ip": "192.168.144.62", "port": 443, "svc_name": "Verified Access", "uid": "vai-2f80f37e64EXAMPLE" }, "severity": "Informational", "severity_id": "1", "src_endpoint": { "ip": "10.14.173.3", "port": 55706 }, "start_time": "1668816620814", "status_code": "100", "status_details": "Access Granted", "status_id": "1", "status": "Success", "type_uid": "20800101", "type_name": "AccessLogs: Access Granted", "unmapped": null }
Zugriff aufgrund eines fehlenden Cookies verweigert
In diesem Beispielprotokolleintrag verweigert Verified Access den Zugriff aufgrund eines fehlenden Authentifizierungscookie.
{ "activity": "Access Denied", "activity_id": "2", "category_name": "Application Activity", "category_uid": "8", "class_name": "Access Logs", "class_uid": "208001", "device": null, "duration": "0.0", "end_time": "1668593568259", "time": "1668593568259", "http_request": { "http_method": "POST", "url": { "hostname": "hello.app.example.com", "path": "/dns-query", "port": 443, "scheme": "h2", "text": "https://hello.app.example.com:443/dns-query" }, "user_agent": "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML", "version": "HTTP/2.0" }, "http_response": { "code": 302 }, "identity": null, "message": "", "metadata": { "uid": "Root=1-5cf1c832-a565309ce20cc7dafEXAMPLE", "logged_time": 1668593776720, "version": "0.1", "product": { "name": "Verified Access", "vendor_name": "AWS" } }, "ref_time": "2022-11-16T10:12:48.259762Z", "proxy": { "ip": "192.168.34.167", "port": 443, "svc_name": "Verified Access", "uid": "vai-108ed7a672EXAMPLE" }, "severity": "Informational", "severity_id": "1", "src_endpoint": { "ip": "10.7.178.16", "port": "46246" }, "start_time": "1668593568258", "status_code": "200", "status_details": "Authentication Denied", "status_id": "2", "status": "Failure", "type_uid": "20800102", "type_name": "AccessLogs: Access Denied", "unmapped": null }
Zugriff durch Richtlinie verweigert
In diesem Beispielprotokolleintrag verweigert Verified Access eine authentifizierte Anforderung, da die Anforderung von den Zugriffsrichtlinien nicht zugelassen wird.
{ "activity": "Access Denied", "activity_id": "2", "category_name": "Application Activity", "category_uid": "8", "class_name": "Access Logs", "class_uid": "208001", "device": { "ip": "10.4.133.137", "type": "Unknown", "type_id": 0 }, "duration": "0.023", "end_time": "1668573630978", "time": "1668573630978", "http_request": { "http_method": "GET", "url": { "hostname": "hello.app.example.com", "path": "/", "port": 443, "scheme": "h2", "text": "https://hello.app.example.com:443/" }, "user_agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36", "version": "HTTP/2.0" }, "http_response": { "code": 401 }, "identity": { "authorizations": [], "idp": { "name": "user", "uid": "vatp-e048b3e0f8EXAMPLE" }, "user": { "email_addr": "johndoe@example.com", "name": "Test User Display", "uid": "johndoe@example.com", "uuid": "0e1281ad3580aEXAMPLE" } }, "message": "", "metadata": { "uid": "Root=1-531a036a-09e95794c7b96aefbEXAMPLE", "logged_time": 1668573773753, "version": "0.1", "product": { "name": "Verified Access", "vendor_name": "AWS" } }, "ref_time": "2022-11-16T04:40:30.978732Z", "proxy": { "ip": "3.223.34.167", "port": 443, "svc_name": "Verified Access", "uid": "vai-021d5eaed2EXAMPLE" }, "severity": "Informational", "severity_id": "1", "src_endpoint": { "ip": "10.4.133.137", "port": "31746" }, "start_time": "1668573630955", "status_code": "300", "status_details": "Authorization Denied", "status_id": "2", "status": "Failure", "type_uid": "20800102", "type_name": "AccessLogs: Access Denied", "unmapped": null }
Unbekannter Protokolleintrag
In diesem Beispielprotokolleintrag kann Verified Access keinen vollständigen Protokolleintrag generieren, sodass es einen unbekannten Protokolleintrag ausgibt. Dadurch wird sichergestellt, dass jede Anforderung im Zugriffsprotokoll angezeigt wird.
{ "activity": "Unknown", "activity_id": "0", "category_name": "Application Activity", "category_uid": "8", "class_name": "Access Logs", "class_uid": "208001", "device": null, "duration": "0.004", "end_time": "1668580207898", "time": "1668580207898", "http_request": { "http_method": "GET", "url": { "hostname": "hello.app.example.com", "path": "/", "port": 443, "scheme": "https", "text": "https://hello.app.example.com:443/" }, "user_agent": "python-requests/2.28.1", "version": "HTTP/1.1" }, "http_response": { "code": 200 }, "identity": null, "message": "", "metadata": { "uid": "Root=1-435eb955-6b5a1d529343f5adaEXAMPLE", "logged_time": 1668580579147, "version": "0.1", "product": { "name": "Verified Access", "vendor_name": "AWS" } }, "ref_time": "2022-11-16T06:30:07.898344Z", "proxy": { "ip": "10.1.34.167", "port": 443, "svc_name": "Verified Access", "uid": "vai-6c32b53b3cEXAMPLE" }, "severity": "Informational", "severity_id": "1", "src_endpoint": { "ip": "172.28.57.68", "port": "47220" }, "start_time": "1668580207893", "status_code": "000", "status_details": "Unknown", "status_id": "0", "status": "Unknown", "type_uid": "20800100", "type_name": "AccessLogs: Unknown", "unmapped": null }
