Mappings: Cisco ISE Catch All

Input Requirements

Input	Value
Vendor	Cisco
Product	ISE
Log Format	JSON
Event ID Regex Pattern	`_default_`

Record Output

Output	Value
Vendor	Cisco Systems
Product	Identity Services Engine
Record Type	Audit

Fields Mapped

Cloud SIEM Schema Field	Original Record Key	Notes
description	description
device_hostname	syslog_hostname
device_ip	Device IP Address
logonType	Authen-Method
srcDevice_ip	Remote-Address
user_authDomain	AD-User-DNS-Domain
user_username	AD-User-SamAccount-Name