Classification

| Rule Name | Rule Type | Classification | Common Event |
|---|---|---|---|
| Trusted Path Granted | Sub Rule | Access Granted | Access Granted Activity |
| Centrify Messages | Base Rule | Other Audit Success | General Access |
| Services Appear To Be Blocked | Sub Rule | Warning | Resource Not Available |
| Trusted Path Denied | Sub Rule | Warning | Access Denied |
| No Certificate Templates Found | Sub Rule | Information | Certificate Services Information |

Mapping with LogRhythm Schema

| Device Key in Log Message | LogRhythm Schema | Data Type |
|---|---|---|
| SAU1 | <severity> | Text/String |
| N/A | <parentprocessname> | Text/String |
| N/A | <parentprocessid> | Number |
| server | <dname> | Text/String |
| N/A | <subject> | Text/String |
| N/A | <tag1> | Text/String |
| domain | <domain> | Text/String |
| Audit_trail | <process> | Text/String |
| user | <login> | Text/String |
| N/A | <version> | Number |
| pid | <processid> | Number |
| centrifyEventID | <vmid> | Number |
| status | <result> | Text/String |
| reason | <reason> | Text/String |
| N/A | <object> | Text/String |