General Connection Information
Classification
| Rule Name | Rule Type | Classification | Common Event |
|---|---|---|---|
| General Connection Information | Base Rule | Connection Information | Information |
| SSH Connection | Sub Rule | SSH Connection Established | Network Traffic |
| FTP Connection | Sub Rule | FTP Connection Established | Network Traffic |
| Connection Closed | Sub Rule | Connection Closed | Network Traffic |

Mapping with LogRhythm Schema
| Device Key in Log Message | LogRhythm Schema | Data Type |
|---|---|---|
| N/A | <dname> | Number/String |
| N/A | <process> | Number |
| N/A | <tag1> | Text/String |
| N/A | <sip> | Number |
| N/A | <sname> | Number/String |