Vasco Identikey Parser (based on windows unified)

Document created by vip on Aug 23, 2011
Version 1Show Document
  • View in full screen mode

Windows Unified connector allows you to create a sort of flexconnector for application logging in the windows event log. This is what we did for Vasco Identikey Server, installed on a Windows 2008 R2 platform. We also created the categorization file with all documented vasco events (but during our tests we figured out there are undocumented messages generated by the device : these messages will be parsed but not categorized and extra information contained in these messages may not be correctly extracted).

 

Note that this parser is composed of multiple chained parsers : windowsfg => keyvalue => regex => another keyvalue (to parse "details" field)

 

Enjoy !

Outcomes