Failed Window AD Network Messages

Vendor Documentation

https://www.fortinet.com/products.html

https://docs.fortinet.com/document/fortigate/6.0.6/fortios-log-message-reference/524940/introduction

Classification

Rule Name	Rule Type	Classification	Common Event
Failed Window AD Network Messages	Base Rule	Failed Denial of Service	Failed Network Denial Of Service
FAILED TO CONNECT WINDOW AD NETWORK	Sub Rule	Failed Denial of Service	Failed Network Distributed Denial Of Service

Mapping with LogRhythm Schema

Device Key in Log Message	LogRhythm Schema	Data Type	Schema Description
severity	<severity>	Text/String	severity
devname	<dname>	Text/String	N/A
devid	N/A	Text/String	N/A
vd	<domainorigin>	Text/String	N/A
logid	<vmid> <tag1>	Text/String	N/A
logdesc	<status>	Text/String	N/A
level	<severity>	Text/String	N/A
user	<login>	Text/String	N/A
action	<action>	Text/String	N/A
status	<status>	Text/String	N/A
msg	<subject>	Text/String	N/A
url	<url>	Text/String	N/A