Catch All : Crypto API Messages
Classification
Rule Name | Rule Type | Common Event | Classification |
|---|---|---|---|
| Catch All : Crypto API Messages | Base Rule | Encryption Process | Information |
| EVID 4097 : 3rd Party Cert Auto Update Success | Sub Rule | SSL Certificate Loaded | Information |
| EVID 4108 : 3rd Party Root Cert Delete Successful | Sub Rule | Certificate Services Information | Information |
| EVID 4109 : 3rd Party Root Cert Update Success | Sub Rule | Certificate Services Information | Information |
| EVID 4111 : 3rd Party Root List AutoUpdate Success | Sub Rule | Certificate Services Information | Information |
Mapping with LogRhythm Schema
Device Key in Log Message | LogRhythm Schema | Data Type |
|---|---|---|
| Provider Name | <vendorinfo> | Text/String |
| EventID Qualifiers | <vmid> | Number |
| Level | <severity> | Text/String |
| Execution Processid | <processid> | Number/Text/String |
| Computer | <dname> | Text/String |
| Threadid | <session> | Number/Text/String |
| N/A | <hash> | Text/String |
| N/A | <object> | Text/String |