Skip to main content
Blackboard Help

Standard Security Log Format

The standard security log format is key value pairs delimited by pipes.


timestamp=Aug 08 2008 08:08:08.888 EDT|app_vend=blackboard|app_name=learn|app_ver=9.1.120113.0|evt_code=14|evt_name=url redirection violated|sev=6|cat=input validation|outcome=failure|dhost=appsec-targ07|src_ip=|suid=_1_1|suser=administrator|session_id=1095|msg=Invalid url in request and exception thrown. May an indicator of attempts to perform arbitrary redirects to malicious websites.|http_useragent=Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.22 (KHTML, like Gecko) Chrome/25.0.1364.172 Safari/537.22|act=exception|request=/webapps/portal/execute/tabs/tabManageModules|requestparam=|requestval=

Log Fields

Log fields may be added or removed depending on the security event code. Fields that are not relevant may appear as empty strings.

# Field Sample Value
1 Event time timestamp=MMM dd yyyy HH:mm:ss.SSS zzz 
2 Vendor, Company app_vend=blackboard 
3 Product Name app_name=learn 
4 Product Version app_ver=9.1.120113.0 
5 Event Code evt_code=#
6 Event Name evt_name=string
7 Event Severity sev=#
8 Event Category cat=string
9 Event Outcome outcome=success|failure
10 Event Destination Host dhost=appserver_name
11 Event Client IP Address src_ip=string 
12 Event Source User ID suid=_#_#
13 Event Source Username suser=string
14 Event Source Session ID


15 Event Message


Note: If an exception is thrown, then the stack trace may be dumped with new line characters represented as "\n"  
rule violated and exception thrown\n<stacktrace with \n for line breaks> 

16 Event Client Browser User Agent http_useragent=Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.91 Safari/534.30 
17 Action Taken act=string
18 Event Request URL  request=/some/random/path
19 Event Request Parameter requestparam=string
20 Event Request Parameter Value requestval=string
21 Filename fname=file.extension

In this section...