Skip to content

Tufin SecureTrack

Tufin SecureTrack

About

SecureTrack+ is here to make network security less complicated. It gives you the visibility and control you need over your hybrid-cloud networks, helping to simplify policy management and reduce risks. Experience a practical solution that’s built to support your network’s continuous growth and adaptation.

Product Details

Vendor URL: Tufin SecureTrack

Product Type: Policy audit tool

Product Tier: Tier III

Integration Method: Syslog

Log Guide: SecureTrack Audit Trail

Parser Details

Log Format: Syslog

Expected Normalization Rate: 100%

Data Label: TTPORTAL_DB38

UDM Fields (list of all UDM fields leveraged in the Parser):

Log File Field UDM Field
Tufin (static) metadata.vendor_name
SecureTrack (static) metadata.product_name
Custom filter metadata.product_event_type
Custom filter metadata.description
Custom filter observer.hostname
Custom filter principal.user.userid
Custom filter target.hostname
Custom filter target.resource.resource_subtype
Custom filter target.user.userid

Product Event Types

Event UDM Event Classification
Rule Export USER_RESOURCE_UPDATE_CONTENT
Session USER_UNCATEGORIZED
Generate USER_RESOURCE_CREATION
View policy USER_RESOURCE_ACCESS
Login USER_LOGIN
all others GENERIC_EVENT

Log Sample

<14>Mar 21 11:04:35 hostname1 SecureTrack: Login was done by john_doe., Additional Info: timestamp:2024.03.21 11:04:35 CDT

Sample Parsing

metadata.description = "Login was done by john_doe"
metadata.event_timestamp.seconds = 1711037075
metadata.event_type = "USER_LOGIN"
metadata.product_event_type = "Login"
metadata.product_name = "SecureTrack"
metadata.vendor_name = "Tufin"
observer.hostname = "hostname1"
target.user.userid = "john_doe"