AMP Engine Reputation Query Message
Vendor Documentation
Classification
| Rule Name | Rule Type | Classification | Common Event |
|---|---|---|---|
| AMP Engine Reputation Query Message | Base Rule | Ops/Warning | General Antivirus Warning |
Mapping with LogRhythm Schema
| Device Key in Log Message | LogRhythm Schema | Data Type | Schema Description |
<severity> | Text\String | ||
<process> | Text\String | ||
| MID | <processid> | Number | |
| <objectname> | Text\String | ||
| <subject> | Text\String | ||
| <reason> | Text\String | ||
| <status> | Text\String |