Breadcrumbs

File Transfer Protocol Message

Classification

Rule Name

Rule Type

common event

Classification

File Transfer Protocol Message

Base Rule

General Information

Information

Fcntl Lock Of PID File Failed

Sub Rule

Command Execution Failure

Access Failure

Pam Authentication Failed

Sub Rule

Authentication Failure Activity

Authentication Failure

Authentication Failed - Login Incorrect

Sub Rule

User Logon Failure : Bad Username

Authentication Failure

File Deleted

Sub Rule

Object Deleted/Removed

Access Success

FTPD Exiting

Sub Rule

Process/Service Stopping

Startup and Shutdown

FTP Session Closed

Sub Rule

Service Logoff

Authentication Success

FTP Login

Sub Rule

User Logon

Authentication Success

Login Refused

Sub Rule

Authentication Failure Activity

Authentication Failure


Mapping with LogRhythm Schema  

Device Key in Log Message

LogRhythm Schema

Data Type

N/A

<dname>

String/Text

N/A

<process>

String/Text

N/A

<processid>

Number

N/A

<tag1>

String/Text

N/A

<protname>

String/Text

N/A

<sname>

String/Text


<sip>

numeric


<login>

string/text


<object>

string/text


<tag2>

string/text