General PCI Information
Classification
Rule Name | Rule Type | Common Event | Classification |
|---|---|---|---|
| General PCI Information | Base Rule | General PCI Information | Information |
| Failed PCI Command | Sub Rule | Failed Process Start | Error |
| Successful PCI Command | Sub Rule | Successful Activity | Other Audit Success |
Mapping with LogRhythm Schema
Device Key in Log Message | LogRhythm Schema | Data Type |
|---|---|---|
| success | <tag1> | Text/String |
| items | <itemsin> | Number/Text |
| pid | <process> | Number/Text |
| auid | <account> | Number/Text |
| gid | <group> | Text/String |
| ses | <session> | Text/String |
| comm | <object> | Text/String |
| key | <tag2> | Text/String |