File Transfer Protocol Message
Classification
Rule Name | Rule Type | common event | Classification |
|---|---|---|---|
| File Transfer Protocol Message | Base Rule | General Information | Information |
| Fcntl Lock Of PID File Failed | Sub Rule | Command Execution Failure | Access Failure |
| Pam Authentication Failed | Sub Rule | Authentication Failure Activity | Authentication Failure |
| Authentication Failed - Login Incorrect | Sub Rule | User Logon Failure : Bad Username | Authentication Failure |
| File Deleted | Sub Rule | Object Deleted/Removed | Access Success |
| FTPD Exiting | Sub Rule | Process/Service Stopping | Startup and Shutdown |
| FTP Session Closed | Sub Rule | Service Logoff | Authentication Success |
| FTP Login | Sub Rule | User Logon | Authentication Success |
| Login Refused | Sub Rule | Authentication Failure Activity | Authentication Failure |
Mapping with LogRhythm Schema
Device Key in Log Message | LogRhythm Schema | Data Type |
|---|---|---|
| N/A | <dname> | String/Text |
| N/A | <process> | String/Text |
| N/A | <processid> | Number |
| N/A | <tag1> | String/Text |
| N/A | <protname> | String/Text |
| N/A | <sname> | String/Text |
| <sip> | numeric | |
| <login> | string/text | |
| <object> | string/text | |
| <tag2> | string/text |