General Authentication 3
Classification
Rule Name | Rule Type | Common Event | Classification |
|---|---|---|---|
| General Authentication 3 | Base Rule | User Logon | Authentication Success |
| Authentication Success | Sub Rule | User Logon | Authentication Success |
| Unsecure Remote Access | Sub Rule | Access Denied | Warning |
| Failed Login: Unknown User | Sub Rule | User Logon Failure : Bad Username | Authentication Failure |
Mapping with LogRhythm Schema
| Device Key in Log Message | LogRhythm Schema | Data Type |
| N/A | <severity> | Text/String |
| N/A | <sname> | Number/Text/String |
| N/A | <process> | Text/String |
| N/A | <tag1> | Number |
| N/A | <object> | Text/String |
| N/A | <sip> | Number |
| N/A | <login> | Text/String |
| N/A | <subject> | Text/String |