Docker Log Information
Classification
Rule Name | Rule Type | Common Event | Classification |
|---|---|---|---|
| Docker Log Information | Base Rule | Daemon Information | Information |
Mapping with LogRhythm Schema
| Device Key in Log Message | LogRhythm Schema | Data Type |
| level | <severity> | Text\String |
| N/A | <dip> | IP Address |
| addr | <dname> | Text\String |
| N/A | <dport> | Number |
LoginUID | <login> | Text\String |
| pid | <processid> | Number |
| N/A | <parentprocessname> | Text\String |
| msg | <subject> | Text\String |
| action | <command> | Text\String |
| N/A | <quantity> | Number |