F5 LTM Application Security Messages
Classification
| Rule Name | Rule Type | Common Event | Classification |
| F5 LTM Application Security Messages | Base Rule | General Security | Other Security |
| Untrusted Bot Messages | Sub Rule | Possible Botnet Activity | Malware |
| Unknown Messages | Sub Rule | Unknown Browser Type | Information |
| Browser Masquerading Messsages | Sub Rule | Detected Botnet Activity | Malware |
Mapping with LogRhythm Schema
| Device Key in Log Message | LogRhythm Schema | Data Type |
| N/A | <severity> | Text/String |
| hostname | <sname> | Number/Text |
| client_ip | <sip> | Number |
| client_port | <sport> | Number |
| dest_ip | <dip> | Number |
| dest_port | <dport> | Number |
| device_product | <vendorinfo> | Text/String |
| device_version | <version> | Number/Text |
| http_method | <command> | Text/String |
| http_protocol_indication | <protname> | Text/String |
| virtual_server_name | <objectname> | Text/String |
| request_status | <status> | Text/String |
| action | <action> | Text/String |
| reason | <reason> | Text/String |
| class | <object> | Text/String |
| class | <tag1> | Text/String |
| anomaly_categories | <threatname> | Text/String |
| anomalies | <objecttype> | Text/String |