visibility packet-capture global-templates template trigger-sys-obj-stats-change aam-auth-server-win¶

Configure triggers for aam.authentication.server.windows object

aam-auth-server-win Specification¶

Parameter Value

Type Configuration Resource

Element Name aam-auth-server-win

Element URI /axapi/v3/visibility/packet-capture/global-templates/template/{name}/trigger-sys-obj-stats-change/aam-auth-server-win

Element Attributes aam-auth-server-win_attributes

Partition Visibility shared

Schema aam-auth-server-win schema

Operations Allowed:

Operation	Method	URI	Payload
Create Object	POST	/axapi/v3/visibility/packet-capture/global-templates/template/{name}/trigger-sys-obj-stats-change/aam-auth-server-win	aam-auth-server-win attributes
POST /axapi/v3/visibility/packet-capture/global-templates/template/a/trigger-sys-obj-stats-change/aam-auth-server-win Payload: { "aam-auth-server-win": { "trigger-stats-inc": { "kerberos-timeout-error": 1 } } }
Get Object	GET	/axapi/v3/visibility/packet-capture/global-templates/template/{name}/trigger-sys-obj-stats-change/aam-auth-server-win	aam-auth-server-win attributes
GET /axapi/v3/visibility/packet-capture/global-templates/template/a/trigger-sys-obj-stats-change/aam-auth-server-win Reponse: { "aam-auth-server-win": { "uuid": "ecf69e7c-5156-11ee-99f1-db2b8dabed7a", "trigger-stats-inc": { "kerberos-timeout-error": 1, "kerberos-other-error": 0, "ntlm-authentication-failure": 0, "ntlm-proto-negotiation-failure": 0, "ntlm-session-setup-failed": 0, "kerberos-request-dropped": 0, "kerberos-response-failure": 0, "kerberos-response-error": 0, "kerberos-response-timeout": 0, "kerberos-job-start-error": 0, "kerberos-polling-control-error": 0, "ntlm-prepare-req-failed": 0, "ntlm-timeout-error": 0, "ntlm-other-error": 0, "ntlm-request-dropped": 0, "ntlm-response-failure": 0, "ntlm-response-error": 0, "ntlm-response-timeout": 0, "ntlm-job-start-error": 0, "ntlm-polling-control-error": 0, "kerberos-pw-expiry": 0, "kerberos-pw-change-failure": 0, "kerberos-validate-kdc-failure": 0, "kerberos-generate-kdc-keytab-failure": 0, "kerberos-delete-kdc-keytab-failure": 0, "uuid": "ecf69f8a-5156-11ee-99f1-db2b8dabed7a", "a10-url": "/axapi/v3/visibility/packet-capture/global-templates/template/a/trigger-sys-obj-stats-change/aam-auth-server-win/trigger-stats-inc" }, "trigger-stats-rate": { "threshold-exceeded-by": 5, "duration": 60, "kerberos-timeout-error": 0, "kerberos-other-error": 0, "ntlm-authentication-failure": 0, "ntlm-proto-negotiation-failure": 0, "ntlm-session-setup-failed": 0, "kerberos-request-dropped": 0, "kerberos-response-failure": 0, "kerberos-response-error": 0, "kerberos-response-timeout": 0, "kerberos-job-start-error": 0, "kerberos-polling-control-error": 0, "ntlm-prepare-req-failed": 0, "ntlm-timeout-error": 0, "ntlm-other-error": 0, "ntlm-request-dropped": 0, "ntlm-response-failure": 0, "ntlm-response-error": 0, "ntlm-response-timeout": 0, "ntlm-job-start-error": 0, "ntlm-polling-control-error": 0, "kerberos-pw-expiry": 0, "kerberos-pw-change-failure": 0, "kerberos-validate-kdc-failure": 0, "kerberos-generate-kdc-keytab-failure": 0, "kerberos-delete-kdc-keytab-failure": 0, "uuid": "ecf6a0ac-5156-11ee-99f1-db2b8dabed7a", "a10-url": "/axapi/v3/visibility/packet-capture/global-templates/template/a/trigger-sys-obj-stats-change/aam-auth-server-win/trigger-stats-rate" }, "a10-url": "/axapi/v3/visibility/packet-capture/global-templates/template/a/trigger-sys-obj-stats-change/aam-auth-server-win" } }
Modify Object	POST	/axapi/v3/visibility/packet-capture/global-templates/template/{name}/trigger-sys-obj-stats-change/aam-auth-server-win	aam-auth-server-win attributes
Replace Object	PUT	/axapi/v3/visibility/packet-capture/global-templates/template/{name}/trigger-sys-obj-stats-change/aam-auth-server-win	aam-auth-server-win attributes
PUT /axapi/v3/visibility/packet-capture/global-templates/template/a/trigger-sys-obj-stats-change/aam-auth-server-win Payload: { "aam-auth-server-win": { "trigger-stats-inc": { "kerberos-other-error": 0 } } }
Delete Object	DELETE	/axapi/v3/visibility/packet-capture/global-templates/template/{name}/trigger-sys-obj-stats-change/aam-auth-server-win	aam-auth-server-win attributes

aam-auth-server-win attributes¶

trigger-stats-inc

Description: trigger-stats-inc is a JSON Block. Please see below for trigger-stats-inc

Type: Object

Reference Object: /axapi/v3/visibility/packet-capture/global-templates/template/{name}/trigger-sys-obj-stats-change/aam-auth-server-win/trigger-stats-inc

trigger-stats-rate

Description: trigger-stats-rate is a JSON Block. Please see below for trigger-stats-rate

Type: Object

Reference Object: /axapi/v3/visibility/packet-capture/global-templates/template/{name}/trigger-sys-obj-stats-change/aam-auth-server-win/trigger-stats-rate

uuid

Description uuid of the object

Type: string

Maximum Length: 64 characters

Maximum Length: 1 characters

trigger-stats-inc¶

Specification Value

Type object

kerberos-delete-kdc-keytab-failure

Description Enable automatic packet-capture for Total Kerberos KDC Keytab Deletion Failure

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

kerberos-generate-kdc-keytab-failure

Description Enable automatic packet-capture for Total Kerberos KDC Keytab Generation Failure

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

kerberos-job-start-error

Description Enable automatic packet-capture for Total Kerberos Job Start Error

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

kerberos-other-error

Description Enable automatic packet-capture for Total Kerberos Other Error

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

kerberos-polling-control-error

Description Enable automatic packet-capture for Total Kerberos Polling Control Error

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

kerberos-pw-change-failure

Description Enable automatic packet-capture for Total Kerberos password change failure

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

kerberos-pw-expiry

Description Enable automatic packet-capture for Total Kerberos password expiry

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

kerberos-request-dropped

Description Enable automatic packet-capture for Total Kerberos Dropped Request

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

kerberos-response-error

Description Enable automatic packet-capture for Total Kerberos Error Response

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

kerberos-response-failure

Description Enable automatic packet-capture for Total Kerberos Failure Response

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

kerberos-response-timeout

Description Enable automatic packet-capture for Total Kerberos Timeout Response

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

kerberos-timeout-error

Description Enable automatic packet-capture for Total Kerberos Timeout

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

kerberos-validate-kdc-failure

Description Enable automatic packet-capture for Total Kerberos KDC Validation Failure

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

ntlm-authentication-failure

Description Enable automatic packet-capture for Total NTLM Authentication Failure

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

ntlm-job-start-error

Description Enable automatic packet-capture for Total NTLM Job Start Error

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

ntlm-other-error

Description Enable automatic packet-capture for Total NTLM Other Error

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

ntlm-polling-control-error

Description Enable automatic packet-capture for Total NTLM Polling Control Error

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

ntlm-prepare-req-failed

Description Enable automatic packet-capture for Total NTLM Prepare Request Failed

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

ntlm-proto-negotiation-failure

Description Enable automatic packet-capture for Total NTLM Protocol Negotiation Failure

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

ntlm-request-dropped

Description Enable automatic packet-capture for Total NTLM Dropped Request

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

ntlm-response-error

Description Enable automatic packet-capture for Total NTLM Error Response

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

ntlm-response-failure

Description Enable automatic packet-capture for Total NTLM Failure Response

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

ntlm-response-timeout

Description Enable automatic packet-capture for Total NTLM Timeout Response

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

ntlm-session-setup-failed

Description Enable automatic packet-capture for Total NTLM Session Setup Failure

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

ntlm-timeout-error

Description Enable automatic packet-capture for Total NTLM Timeout

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

uuid

Description uuid of the object

Type: string

Maximum Length: 64 characters

Maximum Length: 1 characters

trigger-stats-rate¶

Specification Value

Type object

duration

Description Time in seconds to look for the anomaly, default is 60

Type: number

Range: 1-250

Default: 60

kerberos-delete-kdc-keytab-failure

Description Enable automatic packet-capture for Total Kerberos KDC Keytab Deletion Failure

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

kerberos-generate-kdc-keytab-failure

Description Enable automatic packet-capture for Total Kerberos KDC Keytab Generation Failure

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

kerberos-job-start-error

Description Enable automatic packet-capture for Total Kerberos Job Start Error

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

kerberos-other-error

Description Enable automatic packet-capture for Total Kerberos Other Error

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

kerberos-polling-control-error

Description Enable automatic packet-capture for Total Kerberos Polling Control Error

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

kerberos-pw-change-failure

Description Enable automatic packet-capture for Total Kerberos password change failure

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

kerberos-pw-expiry

Description Enable automatic packet-capture for Total Kerberos password expiry

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

kerberos-request-dropped

Description Enable automatic packet-capture for Total Kerberos Dropped Request

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

kerberos-response-error

Description Enable automatic packet-capture for Total Kerberos Error Response

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

kerberos-response-failure

Description Enable automatic packet-capture for Total Kerberos Failure Response

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

kerberos-response-timeout

Description Enable automatic packet-capture for Total Kerberos Timeout Response

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

kerberos-timeout-error

Description Enable automatic packet-capture for Total Kerberos Timeout

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

kerberos-validate-kdc-failure

Description Enable automatic packet-capture for Total Kerberos KDC Validation Failure

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

ntlm-authentication-failure

Description Enable automatic packet-capture for Total NTLM Authentication Failure

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

ntlm-job-start-error

Description Enable automatic packet-capture for Total NTLM Job Start Error

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

ntlm-other-error

Description Enable automatic packet-capture for Total NTLM Other Error

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

ntlm-polling-control-error

Description Enable automatic packet-capture for Total NTLM Polling Control Error

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

ntlm-prepare-req-failed

Description Enable automatic packet-capture for Total NTLM Prepare Request Failed

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

ntlm-proto-negotiation-failure

Description Enable automatic packet-capture for Total NTLM Protocol Negotiation Failure

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

ntlm-request-dropped

Description Enable automatic packet-capture for Total NTLM Dropped Request

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

ntlm-response-error

Description Enable automatic packet-capture for Total NTLM Error Response

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

ntlm-response-failure

Description Enable automatic packet-capture for Total NTLM Failure Response

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

ntlm-response-timeout

Description Enable automatic packet-capture for Total NTLM Timeout Response

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

ntlm-session-setup-failed

Description Enable automatic packet-capture for Total NTLM Session Setup Failure

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

ntlm-timeout-error

Description Enable automatic packet-capture for Total NTLM Timeout

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

threshold-exceeded-by

Description Set the threshold to the number of times greater than the previous duration to start the capture, default is 5

Type: number

Range: 0-100

Default: 5

uuid

Description uuid of the object

Type: string

Maximum Length: 64 characters

Maximum Length: 1 characters