File Transfer Protocol Message
Classification
Rule Name | Rule Type | common event | Classification |
---|---|---|---|
File Transfer Protocol Message | Base Rule | General Information | Information |
Fcntl Lock Of PID File Failed | Sub Rule | Command Execution Failure | Access Failure |
Pam Authentication Failed | Sub Rule | Authentication Failure Activity | Authentication Failure |
Authentication Failed - Login Incorrect | Sub Rule | User Logon Failure : Bad Username | Authentication Failure |
File Deleted | Sub Rule | Object Deleted/Removed | Access Success |
FTPD Exiting | Sub Rule | Process/Service Stopping | Startup and Shutdown |
FTP Session Closed | Sub Rule | Service Logoff | Authentication Success |
FTP Login | Sub Rule | User Logon | Authentication Success |
Login Refused | Sub Rule | Authentication Failure Activity | Authentication Failure |
Mapping with LogRhythm Schema
Device Key in Log Message | LogRhythm Schema | Data Type |
---|---|---|
N/A | <dname> | String/Text |
N/A | <process> | String/Text |
N/A | <processid> | Number |
N/A | <tag1> | String/Text |
N/A | <protname> | String/Text |
N/A | <sname> | String/Text |
<sip> | numeric | |
<login> | string/text | |
<object> | string/text | |
<tag2> | string/text |