Catch All : Level 4 : Signature Detection
Classification
| Rule Name | Rule Type | Common Event | Classification |
|---|---|---|---|
| Catch All : Level 4 : Signature Detection | Base Rule | General IPS/IDS Log Message | Activity |
| * |
Mapping with LogRhythm Schema
| Device Key in Log Message | LogRhythm Schema | Data Type |
|---|---|---|
| N/A | <vmid> | Text/String |
| Priority | <severity> | Text/String |
| SrcIP | <sip> | Number |
| DstIP | <dip> | Number |
| SrcPort | <sport> | Number |
| DstPort | <dport> | Number |
| ingressinterface | <sinterface> | Number |
| egressinterface | <dinterface> | Number |
| Protocol | <protname> | Text/String |
| User | <login> | Text/String |
| N/A | <object> | Text/String |
| App Protocol | <objectname> | Text/String |
| Classification | <subject> | Number |
| message | <threatname> | Text/String |
| N/A | <sender> | Number/Text |
| N/A | <tag1> | Text/String |

\* There are 52820 sub rules associated with this rule. Adding them on this page is not feasible. We are looking for alternatives for this.