PACOM Systems¶
About¶
PACOMĀ® designs, develops and manufactures industry-leading security platforms for enterprise multi-site and campus environments integrating hardware and software into a single solution.
Product Details¶
Vendor URL: Pacom Systems
Product Type: Physical Security Access Control
Product Tier: Tier III
Integration Method: Syslog
Parser Details¶
Log Format: JSON
Expected Normalization Rate: 95%
Data Label: PACOM
UDM Fields (list of all UDM fields leveraged in the Parser):
| Log File Field | UDM Field |
|---|---|
| ID | event.idm.read_only_udm.metadata.product_log_id |
| ISLOG_LOGIN_ID | event.idm.read_only_udm.principal.user.userid |
| ISLOG_IPADDRESS | event.idm.read_only_udm.target.group.product_object_id |
| CardId | event.idm.read_only_udm.principal.user.userid |
| SiteNo | event.idm.read_only_udm.target.location.name |
| "ReaderNumber" | event.idm.read_only_udm.target.labels.key |
| ReaderNumber | event.idm.read_only_udm.target.labels.value |
| FullName | event.idm.read_only_udm.principal.user.user_display_name |
Product Event Types¶
| Event | UDM Event Classification |
|---|---|
| User Login | USER_LOGIN |
| User Badge In | USER_BADGE_IN |
| all others | GENERIC_EVENT |
Log Sample¶
<13>Sep 24 20:19:30 UNIT-99 {"id":85684215,"RTUTime":"RTU time","CardId":"123456789","SiteNo":4321,"Transaction":"Transaction","ReaderNumber":99,"FullName":"Jon_Doe","EventReceivedTime":1664068770,"SourceModuleName":"odbc","SourceModuleType":"im_odbc","EventTime":null}
Sample Parsing¶
event.idm.read_only_udm.metadata.product_log_id = 85684215
event.idm.read_only_udm.principal.user.userid = 123456789
event.idm.read_only_udm.target.location.name = 4321
event.idm.read_only_udm.target.labels.key = ReaderNumber
event.idm.read_only_udm.target.labels.value = 99
event.idm.read_only_udm.principal.user.user_display_name = Jon_Doe
Parser Alerting¶
This product currently does not have any Parser-based Alerting