LDAP proxy XDAS audit outcome values

Hi all!

 

Recently i have encountered this problem, whereas i have to send ldap proxy logs to arcsight. So i started working with the logs, in the XDAS format, and i saw something interesing (for me atleast) with the outcome values, for example: "Outcome" : "2.3","ExtendedOutcome" : "49"

I was used to think (by sentinel experience), that it comes only with values 0-3 as success,fail,deny,unknown and the extentedoutcome has less values too, tho after a bit researching i realized the universe is bigger than that.

Could anyone please provide a thorough documentation about these events/outcomes, and their meanings? I was unable to find anything related on https://ldapwiki.com/ .

 

Thanks, Thomas

Parents Reply Children
No Data