Account Information
Classification
Rule Name | Rule Type | Common Event | Classification |
|---|---|---|---|
| Acccount Added Via Passphrase | Sub Rule | User Account Created | Account Created |
| Acccount Added Via Admin Passphrase | Sub Rule | User Account Created | Account Created |
| Account Information | Base Rule | General User Information | Information |
| Acccount Status Checked Via Passphrase | Sub Rule | Object Accessed | Access Success |
| Acccount Status Checked Via Admin Passphrase | Sub Rule | Object Accessed | Access Success |
Mapping with LogRhythm Schema
| Device Key in Log Message | Log Value | LogRhythm Schema | Data Type |
| N/A | N/A | <dname> | Text\String |
| N/A | N/A | <account> | Text\String |
| N/A | N/A | <process> | Text\String |
| N/A | N/A | <object> | Text\String |
| N/A | N/A | <tag1> | Text\String |
| N/A | N/A | <tag2> | Text\String |
| N/A | N/A | <tag3> | Text\String |