Firewall Messages - V6.5.8

| Rule Name | Rule Type | Common Event | Classification |
|---|---|---|---|
| Firewall Messages - V6.5.8 | Base Rule | General Firewall Event | Information |
| EVID 70018 : Connection_Allowed | Sub Rule | Traffic Allowed by Host Firewall | Network Allow |
| EVID 70019 : Connection_Discarded | Sub Rule | Connection Closed | Network Traffic |
| EVID 70022 : Connection_Closed-Abnormally | Sub Rule | Connection Terminated | Network Traffic |
| EVID 70021 : Connection_Closed | Sub Rule | Connection Closed | Network Traffic |
| EVID 71257 : TCP_Segment-SYN-No-Options | Sub Rule | TCP SYN Received | Network Traffic |
| EVID 79059 : Suspicious Traffic Information | Sub Rule | General Traffic Other Warning | Warning |
| EVID 79002 : Protocol Violation | Sub Rule | Vuln High Severity : Protocol Violation | Vulnerability |
| EVID 71053 : Suspicious Traffic | Sub Rule | Suspicious Network Activity | Suspicious |
| EVID 71037 : Protocol Violation | Sub Rule | Vuln High Severity : Protocol Violation | Vulnerability |
| EVID 70961 : System Situations Messages | Sub Rule | General System Information | Information |
| EVID 70082 : Protocol Violation | Sub Rule | Vuln High Severity : Protocol Violation | Vulnerability |
| EVID 499394 : Suspected Disclosure | Sub Rule | Suspicious Network Activity | Suspicious |
| EVID 324107 : Suspected Disclosure | Sub Rule | Suspicious Network Activity | Suspicious |
| EVID 262690 : Potential Compromised | Sub Rule | Network Compromised | Compromise |
| EVID 1310733 : Potential Compromised | Sub Rule | Network Compromised | Compromise |

Mapping with LogRhythm Schema

| Device Key in Log Message | LogRhythm Schema | Data Type |
|---|---|---|
| severity | <severity> | Text/String/Number |
| Version | <version> | Number |
| vmid | <vmid> | Number |
| command | <command> | Text/String |
| dvchost | <dname> | Text/String |
| src | <sip> | IP Address |
| dst | <dip> | IP Address |
| spt | <sport> | Number |
| dpt | <dport> | Number |
| proto | <protnum> | Number |
| deviceInboundInterface | <sinterface> | Text/String/Number |
| deviceOutboundInterface | <dinterface> | Text/String/Number |
| act | <action> | Text/String |
| devicefacility | <objectname> | Text/String |
| app | <object> | Text/String |
| cat | <subject> | Text/String |
| requestURL | <url> | Text/String |