Skip to main content
Skip table of contents

Application Control 2

Vendor Documentation


Rule NameRule TypeCommon EventClassification
Application ControlBase RuleGeneral Application Control MessageInformation
Application Control IPS PassSub RuleApplication Control IPS MessageInformation
Application Control IPS BlockSub RuleApplication Control IPS MessageInformation
Application Control IPS ResetSub RuleApplication Control IPS MessageInformation

Mapping with LogRhythm Schema  

Device Key in Log MessageLogRhythm SchemaData TypeSchema Description
logid<vmid>NumberThe ID (logid) is a 10-digit field. It is a unique identifier for that specific log.
level<severity>Text\StringEach log entry contains a Level (level) field that indicates the estimated severity of the event that caused the log entry,
srcip<sip>IP AddressIP address of the traffic’s origin
dstip<dip>IP AddressDestination IP address for the web.
srcport<sport>NumberPort number of the traffic's origin
dstport<dport>NumberPort number of the traffic's destination.
srcintf<sinterface>Text\StringInterface name of the traffic's origin.
dstintf<dinterface>Text\StringInterface of the traffic's destination.
proto<protnum>NumberThe protocol used by web traffic (tcp by default)
service<protname>Text\StringName of the service
user<login>Text\StringName of the user
vd<domainorigin>Text\StringName of the virtual domain in which the log message was recorded.
sessionid<session>Text\StringID for the session.
app<process>Text\StringName of the application.
appid<processid>NumberID of the application.
appcat<object>Text\StringCategory of the application.



msg<subject>Text\StringMessage Description



Text\StringStatus of the session
JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.