Vendor Documentation
Classification
|
Rule Name |
Rule Type |
Common Event |
Classification |
|---|---|---|---|
|
General Blocked Event |
Base Rule |
Blocked Message |
Failed Activity |
Mapping with LogRhythm Schema
|
Device Key in Log Message |
LogRhythm Schema |
Data Type |
|---|---|---|
|
reason |
<reason> |
Text/String |
|
url |
<url> |
Text/String |
|
route |
<status> |
Text/String |
|
sourceip |
<dip> <dname> |
IP Address/Text/String |
|
Sender |
<sender> |
Text/String |
|
recipient |
<recipient> |
Text/String |
|
senderDomain |
<domain> |
Text/String |