Classification
|
Rule Name |
Rule Type |
Common Event |
Classification |
|---|---|---|---|
|
Catch All : Outlook Messages |
Base Rule |
General Outlook Information |
Operations : Information |
|
EVID 30 : Outlook Automatic Reconciliation |
Sub Rule |
General Outlook Information |
Information |
|
EVID 32 : Outlook Catalog Checkpoint Detected |
Sub Rule |
General Outlook Information |
Information |
|
EVID 38 : Outlook Reconciliation Completed |
Sub Rule |
General Outlook Information |
Information |
|
EVID 45 : Outlook Startup Event |
Sub Rule |
Process/Service Started |
Startup and Shutdown |
|
EVID 63 : Outlook Web Service Request |
Sub Rule |
General Outlook Information |
Information |
Mapping with LogRhythm Schema
|
Device Key in Log Message |
LogRhythm Schema |
Data Type |
|---|---|---|
|
Provider Name |
<venderinfo> |
Text/String |
|
EventID Qualifiers |
<vmid> |
Number |
|
Level |
<severity> |
Text/String |
|
computer |
<dname> |
Text/String |
|
Data |
<object> |
Text/String |