EventValve
Note
Create custom events in execution flow of a PIPE.
Properties
| Name | Description | Default value | Mandatory | Supports property expansion |
|---|---|---|---|---|
| severity | Sverity marker in log file. Supported values are: INFO, WARN, FATAL and ERROR. | INFO | No | No |
| eve_key | Event key to use, see events list. | Yes | No | |
| parameters | Additional parameters. Syntax used is JSONArray with JSON object containing key and value: "parameters":[{"key":"value"}] Allowed event parameter keys are described below. | No | Yes - "value" supports expansion |
Parameter keys
Event parameters used are based on the CEF standard.
| Event parameter key name | Description |
|---|---|
| dst | Destination |
| dhost | Host |
| dpt | Port |
| duser | UserID |
| destinationServiceName | Service name |
| proto | Protocol |
| request | Request URL |
| requestClientApplication | Client application |
| requestCookies | Request cookie |
| requestMethod | Request method |
| src | Source |
| shost | Source host |
| spt | Source port |
| suser | Source user |
| msg | Message |
| phenixIDIdentifier | Identifier |
| phenixIDTenantId | Tenant |
| phenixIDSessionId | Session id |
| phenixIDx509Subject | Subject |
| phenixIDx509Issuer | Issuer |
| phenixIDx509Thumbprint | Thumbprint |
| hwTokenId | Token id |
| phenixIDExpiry | Expiry |
Example Configuration
{
"name": "EventValve",
"config": {
"event_key": "EVT_000052",
"parameters": [
{
"parameter": "requestMethod",
"value": "Client certificate - SITHS"
},
{
"parameter": "duser",
"value": "{{item.uid}}"
},
{
"parameter": "destinationServiceName",
"value": "{{item.issuer}}"
},
{
"parameter": "proto",
"value": "SAML"
}
]
}
}