General Kernel Messages
Classification
Rule Name | Rule Type | Common Event | Classification |
|---|---|---|---|
| General Kernel Messages | Base Rule | Kernel Information | Information |
| Kernel : Audit Notice | Sub Rule | General Audit | Other Audit Success |
| Kernel : Storage Block Information | Sub Rule | General Mass Storage Information | Information |
| Kernel : CCISS Has Check Condition | Sub Rule | Raid Failed To Update State | Warning |
| Kernel : Storage Head/Cylinder/Sector Info | Sub Rule | General Mass Storage Information | Information |
| Kernel : General Warning | Sub Rule | General Kernel Warning | Warning |
Mapping with LogRhythm Schema
| Device Key in Log Message | LogRhythm Schema | Data Type |
| N/A | <severity> | Text\String |
| N/A | <dname> | Text\String |
| N/A | <vmid> | Text\String |
| N/A | <process> | Text\String |
| N/A | <processid> | Number |
| N/A | <command> | Text\String |
| N/A | <object> | Text\String |
| N/A | <subject> | Text\String |
| N/A | <amount> | Number |
| N/A | <quantity> | Number |
| N/A | <size> | Number |
| N/A | <tag1> | Text\String |
| N/A | <tag2> | Text\String |
| N/A | <tag3> | Text\String |