ADC Event Logs

Vendor Documentation

Rule Name	Rule Type	Common Event	Classification
ADC Event Logs	Base Rule	General Event Log Information	Information
Configuration Change	Sub Rule	Configuration Information	Information
System Admin Events	Sub Rule	General Admin Information	Information
Health Checks LLB/SLB	Sub Rule	Performing System Health Check	Information
System Events	Sub Rule	General System Event	Information
User Authentication Events	Sub Rule	General Authentication Information	Information
Server Load Balance (SLB) Events	Sub Rule	General Load Balancing Message	Information
Link Load Balance Events	Sub Rule	General Load Balancing Message	Information
Global Load Balancing Operation	Sub Rule	General Load Balancing Message	Information
Firewall SNAT Source Port Exhausted	Sub Rule	General Firewall Alert	Warning

Device Key in Log Message	LogRhythm Schema	Data Type	Schema Description
date	N/A	N/A	Log date
time	N/A	N/A	Log time
log_id	<vmid>	Number	Log ID
type	<vendorinfo>	Text/String	Major Log Type
subtype	<tag1>	Text/String	Log Subtype
pri	<severity>	Text/String	Log level
vd	<account>	Text/String	Virtual domain
msg_id	N/A	N/A	Message ID
user	<login>	Text/String	User name
ui	N/A	N/A	N/A
action	<action>	Text/String	Action type
cfgpath	N/A	N/A	Configuration Path
cfgobj	<object>	Text/String	Configuration Object
cfgattr	<objecttype>	Text/String	Configuration Attribute
logdesc	N/A	N/A	Description of the Event
status	<status>	Text/String	Status of the Event
reason	<reason>	Text/String	Reason
module	N/A	N/A	N/A
policy	<policy>	Text/String	N/A
group	<group>	Text/String	N/A
member	N/A	N/A	N/A
attrtype	N/A	N/A	N/A
attrname	N/A	N/A	N/A
msg	<subject>	Text/String	Detailed description of the action