Vendor Documentation
Classification
|
Rule Name |
Rule Type |
Common Event |
Classification |
|---|---|---|---|
|
Catch-All |
Base Rule |
General Information |
Information |
Mapping with LogRhythm Schema
|
Device Key in Log Message |
LogRhythm Schema |
Data Type |
Schema Description |
|---|---|---|---|
|
EventID |
<vmid> |
Number |
The identifier that the provider used to identify the event. |
|
Level |
<severity> |
Text/String |
The severity level defined in the event. |
|
Computer |
<dname> |
Text/String |
The name of the computer on which the event occurred. |