ADSelfService Plus
Vendor Documentation
Classification
Rule Name | Rule Type | Common Event | Classification |
|---|---|---|---|
ADSelfService Plus | Base Rule | General Information | Information |
Mapping with LogRhythm Schema
Device Key in Log Message | LogRhythm Schema | Data Type | Schema Description |
eventtime | N/A | N/A | N/A |
N/A | N/A | N/A | N/A |
level | <severity> | Text/String | N/A |
N/A | N/A | N/A | N/A |
N/A | <dname> | Text/String | N/A |
N/A | <vendorinfo> | Text/String | N/A |
STATUS | <status> | Text/String | N/A |
DOMAIN NAME | <domainorigin> | Text/String | N/A |
ACCESS_MODE | <useragent> | Text/String | N/A |
LOGIN NAME | <login> | Text/String | N/A |
IP | <sip> | Ip Address | N/A |
HOST | <sname> | Text/String | N/A |
TIME | <milliseconds> | Numbers | N/A |
DATE_TIME | N/A | N/A | N/A |
ACTION_NAME | <command> | Text/String | N/A |
DELIVERED_TIME | N/A | N/A | N/A |
NAME | <account> | Text/String | N/A |
NOTIFICATION_TYPE | N/A | N/A | N/A |