Syslog Events: Messages Sent from the Software

Syslog Events
Event	Trigger
account_added	A new account has been added and saved.
account_changed	An existing account has been modified and saved.
account_removed	An existing account has been deleted.
account_group_added	A new account group has been added and saved.
account_group_changed	An existing account group has been modified and saved.
account_group_removed	An existing account group has been deleted.
account_jump_item_association_added	An association with a Jump Item was added for the account.
account_jump_item_association_changed	An association with a Jump Item was changed for the account.
account_jump_item_direct_association_added	The account is allowed to be injected for the specific Jump Items.
account_jump_item_direct_association_removed	The account is removed from the allowed list to be injected for the specific Jump Items.
accounts_changed	The group of one or more accounts was modified.
admin_password_reset_to_factory_default	The Reset Admin Account button has been clicked, reverting a site's administrative account to its default credentials.
api_account_added	A new API account has been added and saved.
api_account_changed	An existing API account has been modified and saved.
api_account_removed	An existing API account has been deleted.
backup_created	A backup of the current software configuration has been saved.
canned_script_added	A new canned script has been added and saved.
canned_script_category_added	A canned script has been newly assigned to a category, and the script has been saved.
canned_script_category_removed	A previously assigned canned message has been unassigned from a category, and the script has been saved.
canned_script_changed	An existing canned script's name, description, or command sequence has been changed, and the change has been saved.
canned_script_file_added	A resource file has been newly associated with a canned script, and the script has been saved.
canned_script_file_removed	A previously associated resource file has been removed from a canned script, and the script has been saved.
canned_script_removed	An existing canned script has been deleted.
canned_script_team_added	A team has been newly assigned to a canned script, and the script has been saved.
canned_script_team_removed	A previously assigned team has been unassigned from a canned script, and the script has been saved.
canned_scripts_category_added	A new canned scripts category has been created.
canned_scripts_category_removed	An existing canned scripts category has been deleted.
canned_scripts_file_added	A new canned script resource file has been uploaded.
canned_scripts_file_removed	An existing canned script resource file has been deleted.
certificate_export	An SSL certificate has been exported from the B Series Appliance.
change_display_name	A user has attempted to change their display name.
change_password	A user has attempted to change their password.
change_username	A user has attempted to change their username.
command_shell_filtering_regex_list	The list of Shell Prompt patterns.
custom_rep_link_added	A new custom link has been added and saved.
custom_rep_link_changed	An existing custom link has been edited and saved.
custom_rep_link_removed	An existing custom link has been deleted.
custom_session_attribute_added	A new custom field for API integration has been added and saved.
custom_session_attribute_changed	An existing custom field for API integration has been edited and saved.
custom_session_attribute_removed	An existing custom field for API integration has been removed.
custom_session_policy_added	Custom session permissions have been added to a user account, and the user account has been saved.
custom_session_policy_changed	Existing custom session permissions have been edited, and the user account has been saved.
custom_session_policy_removed	Existing custom session permissions have been removed from a user account, and the user account has been saved.
custom_special_action_added	A new custom special action has been added and saved.
custom_special_action_changed	An existing custom special action has been edited and saved.
custom_special_action_removed	An existing custom special action has been removed.
customizable_text_changed	An existing login agreement has been changed.
discovery_error_added	A new Discovery job error has been added.
discovery_error_changed	A new Discovery job error has been changed.
discovery_error_removed	A new Discovery job error has been removed.
domain_added	A new vault domain has been added and saved.
domain_changed	An existing account has been modified and saved.
domain_removed	An existing vault domain has been deleted.
downloaded_rep_client	A user has clicked the link to download the access console.
ecm_group_added	An ECM Group has been added.
ecm_group_changed	An ECM Group has been changed.
ecm_group_removed	An ECM Group has been removed.
endpoint_changed	An existing endpoint has been modified and saved.
endpoint_removed	An existing endpoint has been deleted.
eula_accepted	The BeyondTrust PRA Cloud end user license agreement (EULA) has been accepted by a user, and the username has been recorded.
fido2_credential_added	A new FIDO2 Autheticator has been added and saved.
fido2_credential_changed	An existing FIDO2 Autheticator has been modified and saved.
fido2_credential_removed	An existing FIDO2 Autheticator has been deleted.
file_removed_from_file_store	A file has been deleted from the file store.
file_uploaded_to_file_store	A file has been added to the file store.
group_policy_add_to_jump_group_added	A Jump Group has been added to a group policy's Add To Jump Groups list.
group_policy_add_to_jump_group_removed	A Jump Group has been removed from a group policy's Add To Jump Groups list.
group_policy_add_to_jumpoint_added	A Jumpoint has been added to a group policy's Add To Jumpoints list.
group_policy_add_to_jumpoint_removed	A Jumpoint has been removed from a group policy's Add To Jumpoints list.
group_policy_add_to_support_teams_added	A team has been added to a group policy's Add To Teams list.
group_policy_add_to_support_teams_removed	A team has been removed from a group policy's Add To Teams list.
group_policy_added	A new group policy has been created and saved.
group_policy_changed	An existing group policy's priority level has changed, and the change has been saved.
group_policy_member_added	A new member has been added to a group policy, and the policy has been saved.
group_policy_member_removed	An existing member has been removed from a group policy, and the policy has been saved.
group_policy_remove_from_jump_group_added	A Jump Group has been added to a group policy's Remove From Jump Groups list.
group_policy_remove_from_jump_group_removed	A Jump Group has been removed from a group policy's Remove From Jump Groups list.
group_policy_remove_from_jumpoint_added	A Jumpoint has been added to a group policy's Remove From Jumpoints list.
group_policy_remove_from_jumpoint_removed	A Jumpoint has been removed from a group policy's Remove From Jumpoints list.
group_policy_remove_from_support_teams_added	A team has been added to a group policy's Remove From Teams list.
group_policy_remove_from_support_teams_removed	A team has been removed from a group policy's Remove From Teams list.
group_policy_removed	An existing group policy has been deleted.
jump_item_role_added	A new Jump Item Role has been created and saved.
jump_item_role_changed	An existing Jump Item Role has been modified and saved.
jump_item_role_removed	An existing Jump Item Role has been deleted.
jump_policy:schedule_entry_added	A new schedule entry has been added to a Jump Policy, and the policy has been saved.
jump_policy:schedule_entry_removed	An existing schedule entry has been removed from a Jump Policy, and the policy has been saved.
jump_policy_added	A new Jump Policy has been created and saved.
jump_policy_changed	An existing Jump Policy has been modified and saved.
jump_policy_removed	An existing Jump Policy has been deleted.
jumpoint_cluster_added	A new Jumpoint or Jumpoint cluster has been created and saved.
jumpoint_cluster_changed	An existing Jumpoint or Jumpoint cluster has been changed.
jumpoint_cluster_removed	An existing Jumpoint or Jumpoint cluster has been deleted.
jumpoint_user_added	A new member has been added to a Jumpoint, and the Jumpoint has been saved.
jumpoint_user_removed	An existing member has been removed from a Jumpoint, and the Jumpoint has been saved.
kerberos_keytab_added	A new Kerberos keytab has been uploaded.
kerberos_keytab_removed	An existing Kerberos keytab has been deleted.
login	A login attempt has been made.
login_schedule_entry_added	A new login schedule entry has been added to a user's group policy's login schedule, and the user account or group policy has been saved.
login_schedule_entry_removed	An existing login schedule entry has been removed from a user's group policy's login schedule, and the user group policy has been saved.
logout	A user has logged out of the access console, whether by deliberate action, by an administrator, or as the result of a lost connection to the B Series Appliance.
management_account_added	A new management account has been added and saved.
management_account_changed	An existing management account has been modified and saved.
management_account_removed	An existing management account has been deleted.
msgraph_http_recipient_added	A new service principal has been added and saved.
msgraph_http_recipient_changed	An existing service principal has been modified and saved.
msgraph_http_recipient_removed	An existing service principal has been deleted.
network_address_added	A new IP address has been added and saved.
network_address_changed	An existing IP address has been modified and saved.
network_address_removed	An existing IP address has been deleted. Note that you cannot delete the default route.
network_changed	The global network configuration has been changed, and the change has been saved.
network_route_changed	A static route has been added, modified, or removed.
network_tunnel_jump_item_added	A network tunnel Jump Item has been added.
network_tunnel_jump_item_changed	A network tunnel Jump Item has been changed and saved.
network_tunnel_jump_item_removed	A network tunnel Jump Item has been removed.
outbound_event_email_recipient_added	A new email outbound event has been added and saved.
outbound_event_email_recipient_changed	An existing email outbound event has been modified and saved.
outbound_event_email_recipient_removed	An existing email outbound event has been deleted.
outbound_event_email_trigger_added	A new trigger has been added for an email outbound event, and the event has been saved.
outbound_event_email_trigger_removed	An existing trigger for an email outbound event has been removed, and the event has been saved.
outbound_event_http_recipient_added	A new HTTP outbound event has been added and saved.
outbound_event_http_recipient_changed	An existing HTTP outbound event has been modified and saved.
outbound_event_http_recipient_removed	An existing HTTP outbound event has been deleted.
outbound_event_http_trigger_added	A new trigger has been added for an HTTP outbound event, and the event has been saved.
outbound_event_http_trigger_removed	An existing trigger for an HTTP outbound event has been removed, and the event has been saved.
pending_user_added	A pending user has been added and saved.
pending_user_changed	A pending user has been modified and saved.
pending_user_removed	A pending user was deleted.
pending_vendor_user_added	A vendor user registration request was made.
pending_vendor_user_deleted	A pending vendor user was deleted.
perm_remote_shell_Allow list	A command filtering option has been Allow listed or Deny listed. Or, all commands are allowed.
perm_remote_shell_filter_commands	The list of Allow listed or Deny listed command patterns.
public_site_portal_logo_uploaded	A new logo image for the public site has been uploaded.
public_site_session_attribute_added	A public site session attribute has been added.
public_site_session_attribute_changed	A public site session attribute has been changed.
public_site_session_attribute_removed	A public site session attribute has been removed.
reboot	The B Series Appliance has been rebooted.
remote_rfb_jump_item_added	A Remote RFB Jump Item has been added.
remote_rfb_jump_item_removed	A Remote RFB Jump Item has been removed.
rep_client_connection_terminated	An administrator has terminated a user's connection.
rep_console_setting_added	A managed access console setting has been defined for the first time, and the settings have been saved.
rep_console_setting_changed	A managed access console setting has been changed, and the settings have been saved.
rep_console_setting_removed	A managed access console setting has been marked as undefined, and the settings have been saved.
rep_invite_added	A session policy has been made available for access invites, and the session policy has been saved.
rep_invite_removed	A session policy has been made unavailable for access invites and has been saved, or a session policy available for access invites has been deleted.
repinvite_setting_added	An access invite setting has been added because a session policy has been made available for access invites, and the session policy has been saved.
repinvite_setting_removed	An access invite setting has been removed either because a session policy has been made unavailable for access invites and has been saved, or because a session policy available for access invites has been deleted.
reporting_erasure	Session reports have had representative or customer data anonymized.
restored_from_backup	The software configuration has been successfully restored from its backup file.
restoring_from_backup	The software configuration is in the process of restoring from its backup file.
scheduled_discovery_job_added	The domain scheduled discovery has been added.
scheduled_discovery_job_changed	The domain scheduled discovery has changed.
security_provider_added	A new security provider configuration has been added and saved.
security_provider_changed	An existing security provider configuration's priority level has changed, and the change has been saved.
security_provider_removed	An existing security provider configuration has been deleted.
security_provider_setting_added	A security provider setting has been added as part of the initial configuration, and the configuration has been saved.
security_provider_setting_changed	An existing security provider configuration has been modified and saved.
security_provider_setting_removed	A security provider setting has been removed as part of the deletion of a security provider configuration.
server_software_restarted	The BeyondTrust software has been restarted.
session_policy_added	A new session policy has been added and saved.
session_policy_changed	An existing session policy has been modified and saved.
session_policy_removed	An existing session policy has been deleted.
setting_added	A setting has been defined and saved for the first time.
setting_changed	A setting has been modified and saved.
shared_jump_group_added	A new Jump Group has been added and saved.
shared_jump_group_changed	An existing Jump Group has been modified and saved.
shared_jump_group_removed	An existing Jump Group has been deleted.
SNMP_changed	The SNMPv2 Server has been changed.
ssh_account_added	An SSH account has been added.
ssh_account_changed	An SSH account has been modified and saved.
ssh_account_removed	An SSH account has been removed.
starting_support_tunnel	A support tunnel has been initiated from the B Series Appliance.
support_session_detail_generated	A detailed report has been run for an access session.
support_session_report_generated	A report of access sessions has been run.
support_session_summary_report_generated	A summary report of support sessions has been run.
support_team_added	A team has been added.
support_team_changed	A team has been changed.
support_team_member_added	A new member has been added to a team, and the team has been saved.
support_team_member_changed	An existing member has been assigned a different role in a team, and the team has been saved.
support_team_member_removed	An existing member has been deleted from a team, and the team has been saved.
support_team_removed	An existing team has been deleted.
syslog_server_changed	The remote syslog server setting has been changed and saved.
team_activity_report_generated	A team activity report has been run.
user_account_report_generated	A user account report has been generated.
user_added	A new local user has been created and saved. Event fields differ between /login users and /appliance users.
user_changed	An existing local user has been modified and saved. Event fields differ between /login users and /appliance users.
user_removed	An existing local user has been deleted. Event fields differ between /login users and /appliance users.
user_session_policy_added	A session policy has been applied to a user account, and the user account has been saved.
user_session_policy_removed	A session policy has been removed from a user account, and the user account has been saved.
vault_account_password_rotation	Vault account password has been rotated.
vendor_activity_report_generated	A vendor report was generated.
windows_service_changed	A Windows service has been changed and saved.
windows_service_removed	A Windows service was removed.

account_added

A new account has been added and saved.

account_changed

An existing account has been modified and saved.

account_removed

An existing account has been deleted.

account_group_added

A new account group has been added and saved.

account_group_changed

An existing account group has been modified and saved.

account_group_removed

An existing account group has been deleted.

account_jump_item_association_added

An association with a Jump Item was added for the account.

account_jump_item_association_changed

An association with a Jump Item was changed for the account.

account_jump_item_direct_association_added

The account is allowed to be injected for the specific Jump Items.

account_jump_item_direct_association_removed

The account is removed from the allowed list to be injected for the specific Jump Items.

accounts_changed

The group of one or more accounts was modified.

admin_password_reset_to_factory_default

The Reset Admin Account button has been clicked, reverting a site's administrative account to its default credentials.

api_account_added

A new API account has been added and saved.

api_account_changed

An existing API account has been modified and saved.

api_account_removed

An existing API account has been deleted.

backup_created

A backup of the current software configuration has been saved.

canned_script_added

A new canned script has been added and saved.

canned_script_category_added

A canned script has been newly assigned to a category, and the script has been saved.

canned_script_category_removed

A previously assigned canned message has been unassigned from a category, and the script has been saved.

canned_script_changed

An existing canned script's name, description, or command sequence has been changed, and the change has been saved.

canned_script_file_added

A resource file has been newly associated with a canned script, and the script has been saved.

canned_script_file_removed

A previously associated resource file has been removed from a canned script, and the script has been saved.

canned_script_removed

An existing canned script has been deleted.

canned_script_team_added

A team has been newly assigned to a canned script, and the script has been saved.

canned_script_team_removed

A previously assigned team has been unassigned from a canned script, and the script has been saved.

canned_scripts_category_added

A new canned scripts category has been created.

canned_scripts_category_removed

An existing canned scripts category has been deleted.

canned_scripts_file_added

A new canned script resource file has been uploaded.

canned_scripts_file_removed

An existing canned script resource file has been deleted.

certificate_export

An SSL certificate has been exported from the B Series Appliance.

change_display_name

A user has attempted to change their display name.

change_password

A user has attempted to change their password.

change_username

A user has attempted to change their username.

command_shell_filtering_regex_list

The list of Shell Prompt patterns.

custom_rep_link_added

A new custom link has been added and saved.

custom_rep_link_changed

An existing custom link has been edited and saved.

custom_rep_link_removed

An existing custom link has been deleted.

custom_session_attribute_added

A new custom field for API integration has been added and saved.

custom_session_attribute_changed

An existing custom field for API integration has been edited and saved.

custom_session_attribute_removed

An existing custom field for API integration has been removed.

custom_session_policy_added

Custom session permissions have been added to a user account, and the user account has been saved.

custom_session_policy_changed

Existing custom session permissions have been edited, and the user account has been saved.

custom_session_policy_removed

Existing custom session permissions have been removed from a user account, and the user account has been saved.

custom_special_action_added

A new custom special action has been added and saved.

custom_special_action_changed

An existing custom special action has been edited and saved.

custom_special_action_removed

An existing custom special action has been removed.

customizable_text_changed

An existing login agreement has been changed.

discovery_error_added

A new Discovery job error has been added.

discovery_error_changed

A new Discovery job error has been changed.

discovery_error_removed

A new Discovery job error has been removed.

domain_added

A new vault domain has been added and saved.

domain_changed

An existing account has been modified and saved.

domain_removed

An existing vault domain has been deleted.

downloaded_rep_client

A user has clicked the link to download the access console.

ecm_group_added

An ECM Group has been added.

ecm_group_changed

An ECM Group has been changed.

ecm_group_removed

An ECM Group has been removed.

endpoint_changed

An existing endpoint has been modified and saved.

endpoint_removed

An existing endpoint has been deleted.

eula_accepted

The BeyondTrust PRA Cloud end user license agreement (EULA) has been accepted by a user, and the username has been recorded.

fido2_credential_added

A new FIDO2 Autheticator has been added and saved.

fido2_credential_changed

An existing FIDO2 Autheticator has been modified and saved.

fido2_credential_removed

An existing FIDO2 Autheticator has been deleted.

file_removed_from_file_store

A file has been deleted from the file store.

file_uploaded_to_file_store

A file has been added to the file store.

group_policy_add_to_jump_group_added

A Jump Group has been added to a group policy's Add To Jump Groups list.

group_policy_add_to_jump_group_removed

A Jump Group has been removed from a group policy's Add To Jump Groups list.

group_policy_add_to_jumpoint_added

A Jumpoint has been added to a group policy's Add To Jumpoints list.

group_policy_add_to_jumpoint_removed

A Jumpoint has been removed from a group policy's Add To Jumpoints list.

group_policy_add_to_support_teams_added

A team has been added to a group policy's Add To Teams list.

group_policy_add_to_support_teams_removed

A team has been removed from a group policy's Add To Teams list.

group_policy_added

A new group policy has been created and saved.

group_policy_changed

An existing group policy's priority level has changed, and the change has been saved.

group_policy_member_added

A new member has been added to a group policy, and the policy has been saved.

group_policy_member_removed

An existing member has been removed from a group policy, and the policy has been saved.

group_policy_remove_from_jump_group_added

A Jump Group has been added to a group policy's Remove From Jump Groups list.

group_policy_remove_from_jump_group_removed

A Jump Group has been removed from a group policy's Remove From Jump Groups list.

group_policy_remove_from_jumpoint_added

A Jumpoint has been added to a group policy's Remove From Jumpoints list.

group_policy_remove_from_jumpoint_removed

A Jumpoint has been removed from a group policy's Remove From Jumpoints list.

group_policy_remove_from_support_teams_added

A team has been added to a group policy's Remove From Teams list.

group_policy_remove_from_support_teams_removed

A team has been removed from a group policy's Remove From Teams list.

group_policy_removed

An existing group policy has been deleted.

jump_item_role_added

A new Jump Item Role has been created and saved.

jump_item_role_changed

An existing Jump Item Role has been modified and saved.

jump_item_role_removed

An existing Jump Item Role has been deleted.

jump_policy:schedule_entry_added

A new schedule entry has been added to a Jump Policy, and the policy has been saved.

jump_policy:schedule_entry_removed

An existing schedule entry has been removed from a Jump Policy, and the policy has been saved.

jump_policy_added

A new Jump Policy has been created and saved.

jump_policy_changed

An existing Jump Policy has been modified and saved.

jump_policy_removed

An existing Jump Policy has been deleted.

jumpoint_cluster_added

A new Jumpoint or Jumpoint cluster has been created and saved.

jumpoint_cluster_changed

An existing Jumpoint or Jumpoint cluster has been changed.

jumpoint_cluster_removed

An existing Jumpoint or Jumpoint cluster has been deleted.

jumpoint_user_added

A new member has been added to a Jumpoint, and the Jumpoint has been saved.

jumpoint_user_removed

An existing member has been removed from a Jumpoint, and the Jumpoint has been saved.

kerberos_keytab_added

A new Kerberos keytab has been uploaded.

kerberos_keytab_removed

An existing Kerberos keytab has been deleted.

login

A login attempt has been made.

login_schedule_entry_added

A new login schedule entry has been added to a user's group policy's login schedule, and the user account or group policy has been saved.

login_schedule_entry_removed

An existing login schedule entry has been removed from a user's group policy's login schedule, and the user group policy has been saved.

logout

A user has logged out of the access console, whether by deliberate action, by an administrator, or as the result of a lost connection to the B Series Appliance.

management_account_added

A new management account has been added and saved.

management_account_changed

An existing management account has been modified and saved.

management_account_removed

An existing management account has been deleted.

msgraph_http_recipient_added

A new service principal has been added and saved.

msgraph_http_recipient_changed

An existing service principal has been modified and saved.

msgraph_http_recipient_removed

An existing service principal has been deleted.

network_address_added

A new IP address has been added and saved.

network_address_changed

An existing IP address has been modified and saved.

network_address_removed

An existing IP address has been deleted. Note that you cannot delete the default route.

network_changed

The global network configuration has been changed, and the change has been saved.

network_route_changed

A static route has been added, modified, or removed.

network_tunnel_jump_item_added

A network tunnel Jump Item has been added.

network_tunnel_jump_item_changed

A network tunnel Jump Item has been changed and saved.

network_tunnel_jump_item_removed

A network tunnel Jump Item has been removed.

outbound_event_email_recipient_added

A new email outbound event has been added and saved.

outbound_event_email_recipient_changed

An existing email outbound event has been modified and saved.

outbound_event_email_recipient_removed

An existing email outbound event has been deleted.

outbound_event_email_trigger_added

A new trigger has been added for an email outbound event, and the event has been saved.

outbound_event_email_trigger_removed

An existing trigger for an email outbound event has been removed, and the event has been saved.

outbound_event_http_recipient_added

A new HTTP outbound event has been added and saved.

outbound_event_http_recipient_changed

An existing HTTP outbound event has been modified and saved.

outbound_event_http_recipient_removed

An existing HTTP outbound event has been deleted.

outbound_event_http_trigger_added

A new trigger has been added for an HTTP outbound event, and the event has been saved.

outbound_event_http_trigger_removed

An existing trigger for an HTTP outbound event has been removed, and the event has been saved.

pending_user_added

A pending user has been added and saved.

pending_user_changed

A pending user has been modified and saved.

pending_user_removed

A pending user was deleted.

pending_vendor_user_added

A vendor user registration request was made.

pending_vendor_user_deleted

A pending vendor user was deleted.

perm_remote_shell_Allow list

A command filtering option has been Allow listed or Deny listed. Or, all commands are allowed.

perm_remote_shell_filter_commands

The list of Allow listed or Deny listed command patterns.

public_site_portal_logo_uploaded

A new logo image for the public site has been uploaded.

public_site_session_attribute_added

A public site session attribute has been added.

public_site_session_attribute_changed

A public site session attribute has been changed.

public_site_session_attribute_removed

A public site session attribute has been removed.

reboot

The B Series Appliance has been rebooted.

remote_rfb_jump_item_added

A Remote RFB Jump Item has been added.

remote_rfb_jump_item_removed

A Remote RFB Jump Item has been removed.

rep_client_connection_terminated

An administrator has terminated a user's connection.

rep_console_setting_added

A managed access console setting has been defined for the first time, and the settings have been saved.

rep_console_setting_changed

A managed access console setting has been changed, and the settings have been saved.

rep_console_setting_removed

A managed access console setting has been marked as undefined, and the settings have been saved.

rep_invite_added

A session policy has been made available for access invites, and the session policy has been saved.

rep_invite_removed

A session policy has been made unavailable for access invites and has been saved, or a session policy available for access invites has been deleted.

repinvite_setting_added

An access invite setting has been added because a session policy has been made available for access invites, and the session policy has been saved.

repinvite_setting_removed

An access invite setting has been removed either because a session policy has been made unavailable for access invites and has been saved, or because a session policy available for access invites has been deleted.

reporting_erasure

Session reports have had representative or customer data anonymized.

restored_from_backup

The software configuration has been successfully restored from its backup file.

restoring_from_backup

The software configuration is in the process of restoring from its backup file.

scheduled_discovery_job_added

The domain scheduled discovery has been added.

scheduled_discovery_job_changed

The domain scheduled discovery has changed.

security_provider_added

A new security provider configuration has been added and saved.

security_provider_changed

An existing security provider configuration's priority level has changed, and the change has been saved.

security_provider_removed

An existing security provider configuration has been deleted.

security_provider_setting_added

A security provider setting has been added as part of the initial configuration, and the configuration has been saved.

security_provider_setting_changed

An existing security provider configuration has been modified and saved.

security_provider_setting_removed

A security provider setting has been removed as part of the deletion of a security provider configuration.

server_software_restarted

The BeyondTrust software has been restarted.

session_policy_added

A new session policy has been added and saved.

session_policy_changed

An existing session policy has been modified and saved.

session_policy_removed

An existing session policy has been deleted.

setting_added

A setting has been defined and saved for the first time.

setting_changed

A setting has been modified and saved.

shared_jump_group_added

A new Jump Group has been added and saved.

shared_jump_group_changed

An existing Jump Group has been modified and saved.

shared_jump_group_removed

An existing Jump Group has been deleted.

SNMP_changed

The SNMPv2 Server has been changed.

ssh_account_added

An SSH account has been added.

ssh_account_changed

An SSH account has been modified and saved.

ssh_account_removed

An SSH account has been removed.

starting_support_tunnel

A support tunnel has been initiated from the B Series Appliance.

support_session_detail_generated

A detailed report has been run for an access session.

support_session_report_generated

A report of access sessions has been run.

support_session_summary_report_generated

A summary report of support sessions has been run.

support_team_added

A team has been added.

support_team_changed

A team has been changed.

support_team_member_added

A new member has been added to a team, and the team has been saved.

support_team_member_changed

An existing member has been assigned a different role in a team, and the team has been saved.

support_team_member_removed

An existing member has been deleted from a team, and the team has been saved.

support_team_removed

An existing team has been deleted.

syslog_server_changed

The remote syslog server setting has been changed and saved.

team_activity_report_generated

A team activity report has been run.

user_account_report_generated

A user account report has been generated.

user_added

A new local user has been created and saved. Event fields differ between /login users and /appliance users.

user_changed

An existing local user has been modified and saved. Event fields differ between /login users and /appliance users.

user_removed

An existing local user has been deleted. Event fields differ between /login users and /appliance users.

user_session_policy_added

A session policy has been applied to a user account, and the user account has been saved.

user_session_policy_removed

A session policy has been removed from a user account, and the user account has been saved.

vault_account_password_rotation

Vault account password has been rotated.

vendor_activity_report_generated

A vendor report was generated.

windows_service_changed

A Windows service has been changed and saved.

windows_service_removed

A Windows service was removed.