Classification

| Rule Name | Rule Type | Common Event | Classification |
|---|---|---|---|
| General Messages 2 | Base Rule | General Information | Information |
| Virtual File System Message | Sub Rule | General Application Information | Information |
| Agent Running | Sub Rule | Process/Service Started | Startup and Shutdown |
| Kernel Time Sync Status Change | Sub Rule | General Kernel Error | Error |
| Group Does Not Exist In Domain | Sub Rule | Group Name Does Not Exist | Error |
| Failed To Dequeue Packet | Sub Rule | Failed To Dequeue Packet | Error |

Mapping with LogRhythm Schema

| Device Key in Log Message | LogRhythm Schema | Data Type | Schema Description |
|---|---|---|---|
| N/A | <severity> | Number/Text/String | Severity information |
| Dname | <dname> | Text/String | Destination Hostname Information |
| N/A | <domainorigin> | Text/String | N/A |
| N/A | <process> | Text/String | Process information |
| N/A | <processid> | Number | N/A |
| N/A | <object> | Text/String | N/A |
| N/A | <group> | Text/String | N/A |
| N/A | <tag2> | Text/String | N/A |