Voltage

About

Voltage solutions discover, analyze, and protect sensitive structured and unstructured data. They reduce breach risk and enable data usability with privacy across hybrid IT.

Product Details

Vendor URL: Voltage Data Privacy and Protection - Micro Focus

Product Type: OS

Product Tier: Tier III

Integration Method: Custom

Integration URL: N/A

Log Guide: N/A

Parser Details

Log Format: Syslog

Expected Normalization Rate: 75%

Data Label: VOLTAGE

UDM Fields (list of all UDM fields leveraged in the Parser):

| Log File Field | UDM Field |
| --- | --- |
| vendor | metadata.vendor_name |
| product | metadata.product_name |
| version | metadata.product_version |
| GENERIC_EVENT | metadata.event_type |
| application | principal.application |
| file_name | src.file.full_path |
| command | principal.process.command_line |
| src | principal.hostname |
| src | principal.ip |
| dst | target.hostname |
| dst | target.ip |
| dhost | target.hostname |
| dhost | target.ip |
| shost | principal.hostname |
| shost | principal.ip |
| suser | principal.user.userid |
| summary | security_result.summary |
| observer | observer.hostname |
| observer | observer.ip |
| ALLOW/BLOCK | security_result.action |
| INFORMATIONAL/LOW/MEDIUM/HIGH | security_result.severity |
| product_event | metadata.product_event_type |
| log_data | metadata.description |

Product Event Types

| type,subtype | severity | UDM Event Classification | alerting enabled |
| --- | --- | --- | --- |
| Default | | GENERIC_EVENT | |

Log Sample

<85>Dec 16 17:09:18 SERVERNAME sudo: ngc-svc : TTY=unknown ; PWD=/ ; USER=root ; COMMAND=/usr/local/nagios/libexec/check_wm_wrapper -c check_disk -a -e -w 25% -c 10% -x /

Sample Parsing

metadata.event_timestamp = "2021-12-16T17:09:18Z"
metadata.event_type = "GENERIC_EVENT"
metadata.vendor_name = "VOLTAGE"
metadata.product_event_type = "sudo"
metadata.description = "ngc-svc : TTY=unknown ; PWD=/ ; USER=root ; COMMAND=/usr/local/nagios/libexec/check_wm_wrapper -c check_disk -a -e -w 25% -c 10% -x /"
metadata.ingested_timestamp = "2021-12-16T17:09:23.301747Z"
principal.user.userid = "root"
principal.process.command_line = "/usr/local/nagios/libexec/check_wm_wrapper -c check_disk -a -e -w 25% -c 10% -x /"
principal.namespace = "COMPANYNAME"
src.file.full_path = "/"
src.namespace = "COMPANYNAME"
observer.hostname = "SERVERNAME"
observer.namespace = "COMPANYNAME"
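
The mapping from the Log Sample to the Sample Parsing output above, written out as an added Python example (not the product's parser code; `parse_sudo_fields`, `to_udm` and `SUDO_TO_UDM` are hypothetical names). It assumes the year is supplied by the caller, since the syslog header carries none, and it omits `metadata.ingested_timestamp` and the namespace fields, which do not come from the log line.

```python
import re
from datetime import datetime, timezone

# Log line copied from this page's Log Sample section.
SAMPLE = ("<85>Dec 16 17:09:18 SERVERNAME sudo: ngc-svc : TTY=unknown ; PWD=/ ; "
          "USER=root ; COMMAND=/usr/local/nagios/libexec/check_wm_wrapper "
          "-c check_disk -a -e -w 25% -c 10% -x /")
# RFC 3164 style header: <PRI>Mmm dd hh:mm:ss HOST TAG[pid]: MESSAGE
HEADER = re.compile(r"^<\d{1,3}>(?P<ts>[A-Z][a-z]{2} [ \d]\d \d{2}:\d{2}:\d{2}) "
                    r"(?P<host>\S+) (?P<tag>[^:\[\s]+)(?:\[\d+\])?: (?P<msg>.*)$")
# sudo key -> UDM field, following the page's Sample Parsing output.
SUDO_TO_UDM = {"USER": "principal.user.userid",
               "COMMAND": "principal.process.command_line",
               "PWD": "src.file.full_path"}

def parse_sudo_fields(msg):
    """Split 'invoker : K=V ; K=V ; COMMAND=...' into (invoker, fields)."""
    invoker, _, rest = msg.partition(" : ")
    # COMMAND= is the last field and may contain ' ; ' itself, so split it off first.
    head, sep, command = rest.partition(" ; COMMAND=")
    fields = {}
    for part in head.split(" ; "):
        key, eq, value = part.strip().partition("=")
        if eq:  # skips free-text parts such as "command not allowed"
            fields[key] = value
    if sep:
        fields["COMMAND"] = command
    return invoker.strip(), fields

def to_udm(line, year):
    """Map one line to UDM fields; year is an argument because the header has none."""
    m = HEADER.match(line)
    if not m:
        raise ValueError("not an RFC 3164 style syslog line")
    # Assumption: the device clock is UTC, as the trailing Z in the page's sample implies.
    ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S").replace(tzinfo=timezone.utc)
    udm = {"metadata.event_timestamp": ts.strftime("%Y-%m-%dT%H:%M:%SZ"),
           "metadata.event_type": "GENERIC_EVENT",
           "metadata.vendor_name": "VOLTAGE",
           "metadata.product_event_type": m["tag"],
           "metadata.description": m["msg"],
           "observer.hostname": m["host"]}
    if m["tag"] == "sudo":
        # As in the page's sample, USER= (the run-as account) becomes
        # principal.user.userid; the invoking account stays in the description.
        _invoker, fields = parse_sudo_fields(m["msg"])
        udm.update({SUDO_TO_UDM[k]: v for k, v in fields.items() if k in SUDO_TO_UDM})
    return udm
```

When writing detections on this data, note that the account that invoked sudo (`ngc-svc` in the sample) is only recoverable from `metadata.description`.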

Parser Alerting

This product currently does not have any Parser-based Alerting.

Rules

Coming Soon