top of page
Search

Ping Federate CEF Certified Configuration Guide 4.20.10

  • Writer: Pavan Raja
    Pavan Raja
  • Apr 9, 2025
  • 2 min read

Summary:

The "Common Event Format Configuration Guide for PingIdentity PingFederate 6.3" is a user manual to help with configuring the software's event collection through syslog, supporting Windows, Linux, and Solaris platforms. It includes updates from previous versions and focuses on integrating with ArcSight's SmartConnector by mapping device events to specific data fields according to vendor-specific definitions. Key features involve setting up Log4J for CEF compliant logging, generating logs for SSO (Single Sign-On) and SLO (Single Log-Out), mapping PingFederate Connector fields to ArcSight, and integrating with SaaS applications like Salesforce and Google Apps via optional templates for automated user provisioning. The guide requires attention to managing sensitive information as it contains confidential and proprietary data.

Details:

The "Common Event Format Configuration Guide for PingIdentity PingFederate 6.3" is a document designed to help users configure the software for event collection through syslog, supporting Windows, Linux, and Solaris platforms. It outlines changes from previous versions and provides guidelines on integrating with ArcSight's SmartConnector for data mapping. Key features of this guide include:

  • Utilizing Log4J for logging in a CEF (Common Event Format) compliant manner, adjusting the configuration by adding or modifying the CEF log appender within the PingFederate Log4J setup file.

  • Generation of two primary logs: SSO (Single Sign-On) events and SLO (Single Log-Out) events, each with specific logging details.

  • Mapping device events to ArcSight data fields according to vendor-specific event definitions, which are then transmitted to the ArcSight SmartConnector for further processing.

  • Field mappings from the PingFederate Connector to ArcSight data fields such as Vendor Name, Product Name, PingFederate Version, Event ID, Transaction Time, Subject, Client Source IP, PingFederate Host Name, Status Msg, Tracking ID, Target application URL, Connection ID, Protocol, Role, and SP Local User ID (Account Linking).

  • Integration with SaaS applications like Salesforce and Google Apps through optional connection templates and automated user provisioning.

The guide also references a "PingFederate Admin Guide" for further logging configuration details and emphasizes the importance of managing sensitive information by noting that the document contains confidential and proprietary data.

Disclaimer:
The content in this post is for informational and educational purposes only. It may reference technologies, configurations, or products that are outdated or no longer supported. If there are any comments or feedback, kindly leave a message and will be responded.

Recent Posts

See All
Zeus Bot Use Case

Summary: "Zeus Bot Version 5.0" is a document detailing ArcSight's enhancements to its Zeus botnet detection capabilities within the...

 
 
 
Windows Unified Connector

Summary: The document "iServe_Demo_System_Usage_for_HP_ESP_Canada_Solution_Architects_v1.1" outlines specific deployment guidelines for...

 
 
 

Comments

@2021 Copyrights reserved.

bottom of page