Voiso provides a security event streaming pre-built integration to Amazon Web Services' Simple Queue Service (SQS) for client-end processing.
Note: This simplex communication channel only sends information in one direction. You CANNOT retrieve any records using this interface. Voiso cannot interact with your data once it is on AWS SQS.
To use the Security Log Streaming to AWS SQS pre-built integration, you must first enable it in the Voiso System Settings. Navigate to Administration > System Settings, and click Enabled in the Security Log Streaming section.
After enabling the Security Log Streaming feature, specify the following parameters as defined by your Amazon account:
The following sections describe the security events that can be streamed to your SQS environment.
The event is triggered when there have been more than three failed login attempts with an incorrect password.
{
"timestamp": "2020-10-10T10:11:12.12Z",
"type": "app_login",
"event": "incorrect_password",
"callcenter": "acme",
"params": { "user": "foo@bar.com", "access_group":"admin", "count": "4" }
}
The event is triggered when a deleted user tries to log in.
{
"timestamp": "2020-10-10T10:11:12.12Z",
"type": "app_login",
"event": "deleted_user",
"callcenter": "acme",
"params": { "user": "foo@bar.com", "access_group":"supervisor" }
}
The event is triggered when a user successfully logs in to the contact center.
{
"timestamp": "2020-10-10T10:11:12.12Z",
"type": "app_login",
"event": "successful_login",
"callcenter": "acme",
"params": { "user": "foo@bar.com", "access_group":"supervisor" }
}
The event is triggered when a login attempt is made from an unauthorized IP address.
{
"timestamp": "2020-10-10T10:11:12.12Z",
"type": "app_login",
"event": "unauthorized_ip",
"callcenter": "acme",
"params": { "user": "foo@bar.com", "access_group":"supervisor", "ip": "8.8.8.8" }
}
The event is triggered when the source IP address is changed.
{
"timestamp": "2020-10-10T10:11:12.12Z",
"type": "app_login",
"event": "ip_changed",
"callcenter": "acme",
"params": { "user": "admin@voiso.com", "access_group":"supervisor", "from": "8.8.8.8", "to": "4.4.4.2" }
}
The event is triggered for each new user created.
{
"timestamp": "2020-10-10T10:11:12.12Z",
"type": "user",
"event": "user_added",
"callcenter": "acme",
"params": { "who": "admin@voiso.com", "user": "foo@bar.com", "access_group":"supervisor" }
}
The event is triggered when a user is deleted.
{
"timestamp": "2020-10-10T10:11:12.12Z",
"type": "user",
"event": "user_deleted",
"callcenter": "acme",
"params": { "who": "admin@voiso.com", "user": "foo@bar.com", "access_group":"agent" }
}
The event is triggered when a user successfully updates their password.
{
"timestamp": "2020-10-10T10:11:12.12Z",
"type": "user",
"event": "password_changed",
"callcenter": "acme",
"params": { "who": "admin@voiso.com", "user": "foo@bar.com", "access_group":"admin" }
}
The event is triggered when a user privilege is updated.
{
"timestamp": "2020-10-10T10:11:12.12Z",
"type": "user",
"event": "privileges_updated",
"callcenter": "acme",
"params": { "who": "admin@voiso.com", "user": "foo@bar.com", "from": "agent", "to": "admin" }
}
The event is triggered when a new IP address is added to the authorized list.
{
"timestamp": "2020-10-10T10:11:12.12Z",
"type": "allowed_ip",
"event": "ip_added",
"callcenter": "acme",
"params": { "who": "admin@voiso.com", "access_group":"supervisor", "ip": "8.8.8.8/32" }
}
The event is triggered when an existing IP address is removed from the authorized list.
{
"timestamp": "2020-10-10T10:11:12.12Z",
"type": "allowed_ip",
"event": "ip_removed",
"callcenter": "acme",
"params": { "who": "admin@voiso.com", "access_group":"supervisor", "ip": "8.8.8.8/32" }
}
The event is triggered when an existing IP address is modified.
{
"timestamp": "2020-10-10T10:11:12.12Z",
"type": "allowed_ip",
"event": "ip_changed",
"callcenter": "acme",
"params": { "who": "admin@voiso.com", "access_group":"supervisor", "from": "8.8.8.8/32", "to": "8.8.4.4/32" }
}
Back To Top