Citrix Secure Private Access

SIEM integration

June 25, 2024

Contributed by:

C C

The Secure Private Access plug-in supports integration with Security Information and Event Management (SIEM) services. Security events are stored in real time to Windows Event Log (Event Viewer\Applications and Services Logs\Citrix Access Security) and can be collected and analyzed by third-party tools.

The following table lists the Secure Private Access plug-in security events:

Event ID	Summary	Description	Source
4624	An account was successfully logged on	Event created when Secure Private Access administrator logged in to Secure Private Access admin console	Citrix Access Security Admin service
4625	An account failed to log on	Event created when Secure Private Access administrator failed to logged in to Secure Private Access admin console	Citrix Access Security Admin service
4634	An account was logged off	Event created when Secure Private Access administrator logged off from Secure Private Access admin console	Citrix Access Security admin service
4720	A user account was created	Event created when new Secure Private Access administrator added	Citrix Access Security admin service
4738	A user account was changed	Event created when new Secure Private Access administrator updated	Citrix Access Security admin service
4726	A user account was deleted	Event created when new Secure Private Access administrator removed	Citrix Access Security admin service
8001	User secure access session	Event created when user session initiated or terminated on endpoint. Contains user, session, and device details, visited internal and external domains during the session	Citrix Access Security admin service
8002	User access authorization request	Event created when Secure Private Access plugin authorizes access to resource. Contains resource FQDN and authorization decision	Citrix Access Security admin service

For more information about SIEM, see Security Information and Event Management (SIEM) integration.

The official version of this content is in English. Some of the Cloud Software Group documentation content is machine translated for your convenience only. Cloud Software Group has no control over machine-translated content, which may contain errors, inaccuracies or unsuitable language. No warranty of any kind, either expressed or implied, is made as to the accuracy, reliability, suitability, or correctness of any translations made from the English original into any other language, or that your Cloud Software Group product or service conforms to any machine translated content, and any warranty provided under the applicable end user license agreement or terms of service, or any other agreement with Cloud Software Group, that the product or service conforms with any documentation shall not apply to the extent that such documentation has been machine translated. Cloud Software Group will not be held responsible for any damage or issues that may arise from using machine-translated content.

Was this helpful

SIEM integration

June 25, 2024

Contributed by:

C C

June 25, 2024

Contributed by:

C C

SIEM integration

In this article