Adding Query Spec
Classification
Rule Name | Rule Type | Common Event | Classification |
|---|---|---|---|
| Adding Query Spec | Base Rule | Access Object Failure | Audit |
Mapping with LogRhythm Schema
| Device Key in Log Message | LogRhythm Schema | Data Type | Schema Description |
| Severity | <severity> | Number/Text/String | Severity information |
| Object | <object> | Text/String | N/A |
| Quantity | <quantity> | Number | N/A |