General Events Messages
Vendor Documentation
Classification
| Rule Name | Rule Type | Common Event | Classification |
|---|---|---|---|
| General Events Messages | Base Rule | General Eventlog Information | Information |
Mapping with LogRhythm Schema
Device Key in Log Message | LogRhythm Schema | Data Type |
|---|---|---|
| Product | <version> | String/Text |
| Action | <action> | String/Text |
| ifdirection | <tag1> | String/Text |
| SIP | <sip> | Number |
| SPort | <sport> | Number |
| DIP | <dip> | Number |
| DPort | <dport> | Number |
| Protocol | <protname> | Number |
| IFName | <sinterface> | Number/Text |
| Reason | <reason> | Number/Text |
| Info | <vendorinfo> | Number/Text |
| XlateSIP | <snatip> | Number/Text |
| XlateDIP | <dnatip> | Number/Text |
| URL | <url> | Number/Text |
| CN | <login> | Number/Text |
| matched_category | <subject> | Text/String |
| severity | <severity> | Number |
| XlateSport | <snatport> | Number/Text |
| XlateDPort | <dnatport> | Number/Text |
| status | <status> | Number/Text |