Catch All : Outlook Messages
Classification
Rule Name | Rule Type | Common Event | Classification |
|---|---|---|---|
| Catch All : Outlook Messages | Base Rule | General Outlook Information | Operations : Information |
| EVID 30 : Outlook Automatic Reconciliation | Sub Rule | General Outlook Information | Information |
| EVID 32 : Outlook Catalog Checkpoint Detected | Sub Rule | General Outlook Information | Information |
| EVID 38 : Outlook Reconciliation Completed | Sub Rule | General Outlook Information | Information |
| EVID 45 : Outlook Startup Event | Sub Rule | Process/Service Started | Startup and Shutdown |
| EVID 63 : Outlook Web Service Request | Sub Rule | General Outlook Information | Information |
Mapping with LogRhythm Schema
Device Key in Log Message | LogRhythm Schema | Data Type |
|---|---|---|
| Provider Name | <venderinfo> | Text/String |
| EventID Qualifiers | <vmid> | Number |
| Level | <severity> | Text/String |
| computer | <dname> | Text/String |
| Data | <object> | Text/String |