Skip to content

Jump To


Logs processes launched on devices.

Product Details

Vendor URL: n/a

Product Type: Audit Logs

Product Tier: Tier III

Integration Method: Syslog

Integration URL: n/a

Log Guide: n/a

Parser Details

Log Format: Syslog

Expected Normalization Rate: 90%

Data Label: JUMPTO

UDM Fields (list of all UDM fields leveraged in the Parser):

Log File Field UDM Field UDM Event Type
Defined metadata.product_name All
observer observer.hostname All
observer observer.ip All
Defined metadata.event_type All
inc metadata.description If Available
userid principal.user.userid If Available
src principal.hostname If Available
dst target.hostname If Available
domain target.administrative_domain If Available
srcpid If Available
targetpid If Available

Product Event Types

Description metadata.event_type
A process was launched on the device PROCESS_LAUNCH

Log Sample

<0>Sep  2 14:46:12 john.doe|fsroot|fsroot|computername||20210902|144613|(null)|(null)

Sample Parsing

metadata.event_timestamp = "2021-09-02T14:46:12Z"
metadata.event_type = "PROCESS_LAUNCH"
metadata.product_name = "Jump To"
principal.hostname = "hostname1"
principal.user.userid = "john.doe" = "fsroot"
principal.namespace = "companyname"
target.hostname = "hostname2" = "fsroot"
target.administrative_domain = ""
target.namespace = "domain2"
observer.hostname = ""
observer.namespace = domain1

Parser Alerting

This product currently does not have any Parser-based Alerting


Coming soon