SOTI MOBICONTROL¶
About¶
SOTI MobiControl’s Mobile Device Management (MDM) software lets you efficiently manage multiple device types such as: mobile rugged devices, mobile computers, handhelds, smartphones, vehicle mount computers, wearables and laptops. Protect devices, data, and workers with security features such as Kiosk Mode, geofencing and lockdown.
Product Details¶
Vendor URL: Soti MobiControl
Product Type: Enterprise Mobility Management, EDR
Product Tier: Tier III
Integration Method: Syslog
Parser Details¶
Log Format: Syslog
Expected Normalization Rate: 95%
Data Label: SOTI_MOBICONTROL
UDM Fields (list of all UDM fields leveraged in the Parser):
| Log File Field | UDM Field |
|---|---|
| device_id | principal.asset.hostname |
| device | observer.hostname |
| username | principal.user.userid |
| xnum1 | security_result.about.process.pid |
| summary | security_result.about.summary |
| logsource | metadata.product_name |
Product Event Types¶
| Event | UDM Event Classification |
|---|---|
| all others | GENERIC_EVENT |
Log Sample¶
188 <14>1 2022-12-29T20:22:33.595636+00:00 MOBI18 MobiControl 3784 0 - [Device, Information, DataCollected] Data Collected (Location) (Server/DeviceID/UserName:MOBI18/0123e45c6789/System)
Sample Parsing¶
metadata.event_type = "GENERIC_EVENT"
metadata.vendor_name = "MOBICONTROL"
metadata.product_name = "MOBI18"
principal.domain.whois_server = "MOBI18"
principal.user.userid = "System"
principal.asset.hostname = "0123e45c6789"
security_result.about.process.pid = "3784"
security_result.summary = "Data Collected (Location)"
Rules¶
Coming Soon