Vendor Documentation
Classification
|
Rule Name |
Rule Type |
Common Event |
Classification |
|---|---|---|---|
|
ADSelfService Plus |
Base Rule |
General Information |
Information |
Mapping with LogRhythm Schema
|
Device Key in Log Message |
LogRhythm Schema |
Data Type |
Schema Description |
|
eventtime |
N/A |
N/A |
N/A |
|
N/A |
N/A |
N/A |
N/A |
|
level |
<severity> |
Text/String |
N/A |
|
N/A |
N/A |
N/A |
N/A |
|
N/A |
<dname> |
Text/String |
N/A |
|
N/A |
<vendorinfo> |
Text/String |
N/A |
|
STATUS |
<status> |
Text/String |
N/A |
|
DOMAIN NAME |
<domainorigin> |
Text/String |
N/A |
|
ACCESS_MODE |
<useragent> |
Text/String |
N/A |
|
LOGIN NAME |
<login> |
Text/String |
N/A |
|
IP |
<sip> |
Ip Address |
N/A |
|
HOST |
<sname> |
Text/String |
N/A |
|
TIME |
<milliseconds> |
Numbers |
N/A |
|
DATE_TIME |
N/A |
N/A |
N/A |
|
ACTION_NAME |
<command> |
Text/String |
N/A |
|
DELIVERED_TIME |
N/A |
N/A |
N/A |
|
NAME |
<account> |
Text/String |
N/A |
|
NOTIFICATION_TYPE |
N/A |
N/A |
N/A |