AXIS Messages
Classification
Rule Name | Rule Type | Common Event | Classification |
|---|---|---|---|
| AXIS Messages | Base Rule | General AXIS Message | Information |
| General Debug Message | Sub Rule | General Debug Message | Information |
| General Error Message | Sub Rule | General Error Message | Error |
| General Information Message | Sub Rule | General Information Log Message | Information |
| General Warning Message | Sub Rule | General Warning Log Message | Warning |
| User Logon | Sub Rule | User Logon | Authentication Success |
| User Logon | Sub Rule | User Logon | Authentication Success |
| User Logoff | Sub Rule | User Logoff | Authentication Success |
| Account Is Disabled | Sub Rule | User Logon Failure : Account Disabled | Authentication Failure |
| No Account Present For User | Sub Rule | User Logon Failure : Bad Username | Authentication Failure |
| PAM Authentication Error | Sub Rule | PAM Authentication Error | Error |
| Syslogd Information | Sub Rule | Syslogd Information | Information |
| Syslogd Restarted | Sub Rule | Process/Service Restarted | Startup and Shutdown |
| Syslogd Error | Sub Rule | Syslogd Error | Error |
| Unknown Host | Sub Rule | Unknown Hostname | Warning |
| Unknown Priority Name | Sub Rule | Unknown Name Or Service | Warning |
Mapping with LogRhythm Schema
| Device Key in Log Message | LogRhythm Schema | Data Type |
| N/A | <severity> | Text\String |
| N/A | <login> | Text\String |
| N/A | <process> | Text\String |
| N/A | <sname> | Text\String |
| N/A | <processid> | Number |
| N/A | <object> | Text\String |
| N/A | <group> | Text\String |
| N/A | <tag3> | Text\String |
| N/A | <tag2> | Text\String |
| N/A | <sip> | Number |