Transmit FlexID¶
About¶
FlexID™ is a cross-channel identity orchestration platform that integrates and manages authentication, fraud detection, and access controls. Business policies, authenticators, fraud systems, and authorization tools can be updated and deployed without changing application code using low code journey editing tools.
Product Details¶
Vendor URL: Transmit Security
Product Type: Identity and Access Management
Product Tier: Tier III
Integration Method: API
Parser Details¶
Log Format: JSON
Expected Normalization Rate: 100%
Data Label: TRANSMIT_FLEXID
UDM Fields (list of all UDM fields leveraged in the Parser):
| Log File Field | UDM Field |
|---|---|
| administrator | principal.user.userid |
| id | target.user.attribute.roles |
| insertId | metadata.product_log_id |
| jsonPayload.appInfo.applicationId | target.resource.attribute.labels |
| jsonPayload.appInfo.applicationName | target.application |
| jsonPayload.appInfo.orgId | target.resource.attribute.labels |
| jsonPayload.appInfo.orgName | target.resource.attribute.labels |
| jsonPayload.appInfo.spaceId | target.resource.attribute.labels |
| jsonPayload.appInfo.spaceName | target.namespace |
| jsonPayload.deployment | metadata.product_deployment_id |
| jsonPayload.eventType | metadata.product_event_type |
| jsonPayload.index | additional.fields |
| jsonPayload.ip | target.ip |
| jsonPayload.job | additional.fields |
| jsonPayload.logMessage.message | security_result.summary |
| jsonPayload.tags.process_id | principal.process.pid |
| jsonPayload.tags.product | target.resource.attribute.labels |
| jsonPayload.tags.system_domain | observer.domain.name |
| k8s-pod/security_istio_io/tlsMode | additional.fields |
| labels.k8s-pod/harness_io/release-name | additional.fields |
| logName | security_result.category_details |
| resource.labels.cluster_name | target.resource.name |
| resource.labels.container_name | target.resource.attribute.labels |
| resource.labels.location | target.cloud.availability_zone |
| resource.labels.namespace_name | target.namespace |
| resource.labels.pod_name | target.resource.attribute.labels |
| resource.labels.project_id | target.cloud.project.id |
| resource.type | target.resource.resource_subtype |
| session | network.session_id |
| textPayload | security_result.summary |
Product Event Types¶
| Event | UDM Event Classification |
|---|---|
| AdministratorLogoutRequestHandler | USER_LOGOUT |
| CreateRemoteAdminMapping | GROUP_MODIFICATION |
| Generic | GENERIC_EVENT |
| Logging In | USER_LOGIN |
| RemoveRemoteAdminMapping | GROUP_MODIFICATION |
| Session is valid | USER_LOGIN |
| UpdateRemoteAdminMapping | GROUP_MODIFICATION |
Log Sample¶
{"insertId":"1etazzfg1jzlu6o","jsonPayload":{"appInfo":{"applicationId":"ea1aebbd-1ebb-420b-b08e-1b67654dcdb7","applicationName":"ts__auth__10","ignoreApp":false,"orgId":"ABCD1234-5815-4555-8d85-023751827142","orgName":"authentication","spaceId":"ABCD1234-d0b8-45af-bd8b-5d0b2171088b","spaceName":"uat-123456789","splunkIndex":null},"deployment":"cf-123456789abcdefghijk","eventType":5,"firehoseMetadata":{"cf_scp_name":"az-dc3-test-sys","nozzle-event-counter":"35872710","subscription-id":"pcfkafkafirehosenozzlesazplttest","uuid":"pcfkafkafirehosenozzlesazplttest"},"index":"836f1373-e42b-47e7-9c69-b8d1edfd6800","ip":"10.174.139.145","job":"diego_cell","logMessage":{"applicationId":"ea1aebbd-1ebb-420b-b08e-1b67654dcdb7","message":"2024-12-16 14:58:20.974 DEBUG [default] [0c6712_581941] [] vider$AdminSessionCookieIdAuthenticator$ Session:[] Correlation:[] Session is valid, success; session: [1aa22123-9b08-41c7-856c-e3b8f725d82a], administrator: [john.doe]","messageType":"OUT","sourceInstance":"0","sourceType":"APP/PROC/WEB","timestamp":1.7343611009748867e+18},"origin":"rep","tags":{"app_id":"ea1aebbd-1ebb-420b-b08e-1b67654dcdb7","app_name":"ts__auth__10","instance_id":"0","organization_id":"ABCD1234-5815-4555-8d85-023751827142","organization_name":"authentication","process_id":"ea1aebbd-1ebb-420b-b08e-1b67654dcdb7","process_instance_id":"a779785d-fb26-4c8a-48e8-f2d2","process_type":"web","product":"VMware Tanzu Application Service","source_id":"ea1aebbd-1ebb-420b-b08e-1b67654dcdb7","space_id":"ABCD1234-d0b8-45af-bd8b-5d0b2171088b","space_name":"uat-123456789","system_domain":"az-dc3c-test-sys.dev.example.com"},"timestamp":1.7343611009748867e+18},"logName":"projects/cs-example-123456789-uat8814/logs/onprem-example","receiveTimestamp":"2024-12-16T14:58:39.083931966Z","resource":{"labels":{"project_id":"cs-example-123456789-uat8814"},"type":"global"},"timestamp":"2024-12-16T14:58:20.974886602Z"}
Sample Parsing¶
additional.fields["index"] = "836f1373-e42b-47e7-9c69-b8d1edfd6800"
additional.fields["Job"] = "diego_cell"
metadata.description = "Session is valid"
metadata.event_type = "USER_LOGIN"
metadata.log_type = "TRANSMIT_FLEXID"
metadata.product_deployment_id = "cf-123456789abcdefghijk"
metadata.product_event_type = "5"
metadata.product_log_id = "1etazzfg1jzlu6o"
metadata.product_name = "FlexID"
metadata.vendor_name = "Transmit Security"
network.session_id = "1aa22123-9b08-41c7-856c-e3b8f725d82a"
observer.domain.name = "az-dc3c-test-sys.dev.example.com"
principal.ip = "10.174.139.145"
principal.process.pid = "ea1aebbd-1ebb-420b-b08e-1b67654dcdb7"
principal.user.userid = "john.doe"
security_result.action_details = "success"
security_result.action = "ALLOW"
security_result.category_details = "projects/cs-example-123456789-uat8814/logs/onprem-example"
security_result.summary = "2024-12-16 14:58:20.974 DEBUG [default] [0c6712_581941] [] vider$AdminSessionCookieIdAuthenticator$ Session:[] Correlation:[] Session is valid, success; session: [1aa22123-9b08-41c7-856c-e3b8f725d82a], administrator: [john.doe]"
target.application = "ts__auth__10"
target.cloud.project.id = "cs-example-123456789-uat8814"
target.namespace = "uat-123456789"
target.resource.attribute.labels.key = "applicationId"
target.resource.attribute.labels.value = "ea1aebbd-1ebb-420b-b08e-1b67654dcdb7"
target.resource.attribute.labels.key = "orgName"
target.resource.attribute.labels.value = "authentication"
target.resource.attribute.labels.key = "orgId"
target.resource.attribute.labels.value = "ABCD1234-5815-4555-8d85-023751827142"
target.resource.attribute.labels.key = "spaceId"
target.resource.attribute.labels.value = "ABCD1234-d0b8-45af-bd8b-5d0b2171088b"
target.resource.attribute.labels.key = "product"
target.resource.attribute.labels.value = "VMware Tanzu Application Service"
target.resource.resource_subtype = "global"