Catch All : General Messages
Classification
Rule Name | Rule Type | Common Event | Classification |
|---|---|---|---|
| Catch All : General Messages | Base Rule | General Information | Information |
| Closing Tools Backup Agent | Sub Rule | Object Closed | Access Success |
| Destroying Tools Backup Agent | Sub Rule | Object Deleted/Removed | Access Success |
| Hot Button Update Received | Sub Rule | Object Modified | Access Success |
| No Upgrade Required | Sub Rule | Upgrade Information | Information |
| Shutting Down Guest | Sub Rule | System Shutting Down | Startup and Shutdown |
| Skipped Tools Manifest Info Update | Sub Rule | Update Not Needed | Information |
| Ticket Invalidated | Sub Rule | Information-Only Event | Information |
| Ticket Issued For Root | Sub Rule | Object Added | Access Success |
| Ticket Used | Sub Rule | Object Accessed | Access Success |
| Tools Are Auto-Upgrade Capable | Sub Rule | Upgrade Information | Information |
| Updated Auto Start Sequence | Sub Rule | Object Attribute Modified | Access Success |
| Virtual Machine Object Cleanup | Sub Rule | Object Modified | Access Success |
| VMDB Unmount Initiated | Sub Rule | Process/Service Started | Startup and Shutdown |
Mapping with LogRhythm Schema
| Device Key in Log Message | LogRhythm Schema | Data Type |
| N/A | <severity> | Text/String |
| N/A | <process> | Text/String |
| N/A | <session> | Number/Text |
| N/A | <tag1> | Text/String |
| N/A | <objectname> | Number/Text |
| opid | <command> | Number/Text |
| N/A | <tag2> | Text/String |