Following Rule
Classification
Rule Name | Rule Type | Common Event | Classification |
|---|---|---|---|
| Following Rule | Base Rule | Processing Notification | Information |
| Following Rule To Ending | Sub Rule | Processing Notification | Information |
| Following Rule To Item | Sub Rule | Processing Notification | Information |
| Following Rule To Terminal Out | Sub Rule | Processing Notification | Information |
Mapping with LogRhythm Schema
Device Key in log message | LogRhythm Schema | Data Type |
|---|---|---|
| LOC1 | <severity> | Text/String |
| N/A | <vmid> | Number |
| N/A | <session> | Text/String |
| Following rule | <process> | Text/String |
| from item | <object> | Text/String |
| to | <tag1> | Text/String |