General Cache Messages
Classification
Rule Name | Rule Type | Classification | Common Event |
|---|---|---|---|
| General Cache Messages | Base Rule | Information | General Process Information |
| Database Updates Complete | Sub Rule | Information | Update Complete |
| Shutdown Complete | Sub Rule | Startup and Shutdown | Process/Service Startup Or Shutdown Activity |
| Shutting Down Cache | Sub Rule | Startup and Shutdown | Process/Service Startup Or Shutdown Activity |
| Updating Journal File | Sub Rule | Information | Update Event |
| Notifying Clients | Sub Rule | Information | Client Information |
| Stopping Client Networking | Sub Rule | Startup and Shutdown | Process/Service Stopping |
| Stopping Network Servers | Sub Rule | Startup and Shutdown | Process/Service Stopping |
| Stopping System Jobs | Sub Rule | Startup and Shutdown | Process/Service Stopping |
| Stopping User Jobs | Sub Rule | Startup and Shutdown | Process/Service Stopping |
| Removing Database Locks | Sub Rule | Information | Lock Released |
| Waiting For Database Updates To Complete | Sub Rule | Information | Update Event |
| Waiting For Users To Stop | Sub Rule | Information | Waiting For Response |
| Withdrawing From License Domain | Sub Rule | Information | License Request |
| Process ID Value | Sub Rule | Information | Process ID |
| No Routines To Execute | Sub Rule | Information | General Process Information |
| Routine Used In Instance | Sub Rule | Information | General Process Information |
SMapping with LogRhythm Schema
Device Key in log message | LogRhythm Schema | Data Type |
|---|---|---|
| USER | <severity> | Text/String |
| Jun 4 23:59:45 Message forwarded from | <dname> | Text/String |
| N/A | <process> | Text/String |
| (POC) | <processid> | Number |
| N/A | <subject> | Text/String |
| N/A | <object> | Text/String |
| N/A | <version> | Number |
| N/A | <parentprocesspath> | Text/String |