HP OneView Audit Log Events
Vendor Documentation
Classification
Rule Name | Rule Type | Classification | Common Event |
---|---|---|---|
HP OneView Audit Log Events | Base Rule | Other Audit | General Audit Message |
Object Added Successfully Event | Sub Rule | Access Success | Object Added |
Object Modified Successfully Event | Sub Rule | Access Success | Object Modified |
Object Deleted Successfully Event | Sub Rule | Access Success | Object Deleted/Removed |
Successful Login Event | Sub Rule | Other Audit | Login Or Logout Event Executed |
Successful Logout Event | Sub Rule | Other Audit | Login Or Logout Event Executed |
Successful Activity Event | Sub Rule | Other Audit Success | Successful Activity |
Object Addition Failure Event | Sub Rule | Access Failure | Add Object Failure |
Object Modification Failure Event | Sub Rule | Access Failure | Modify Object Failure |
Object Deletion Failure Event | Sub Rule | Access Failure | Delete/Remove Object Failure |
Login Failure Event | Sub Rule | Authentication Failure | Authentication Failure Activity |
Logout Failure Event | Sub Rule | Authentication Failure | Authentication Failure Activity |
Failure Activity Event | Sub Rule | Other Audit Failure | Unsuccessful Activity |
General Audit Event | Sub Rule | Other Audit | General Audit Message |
Mapping with LogRhythm Schema
Device Key in Log Message | LogRhthm Schema | Data Type | Schema Description |
---|---|---|---|
Date/time | N/A | N/A | The date and time of the event. |
Internal component ID | <vmid> | String | The unique identifier of an internal component. |
Reserved | N/A | N/A | The organization ID. Reserved for internal use. |
User domain | <domainorigin> | String | The login domain name of the user. |
User name/ID | <login> | String | The user name. |
Session ID | <session> | String | The user session ID associated with the message. |
Task ID | <processid> | String | The URI of the task resource associated with the message. |
Client host/IP | <sip> | IP Address | The client (browser) IP address identifies the client machine that initiated the request. |
Result | <result> <tag1> | String | The result of the action, which can be one of the following values:
|
Action | <action> <tag2> | String | A description of the action, which can be one of the following values:
|
Severity | <severity> | String | A description of the severity of the event, which can be one of the following values, listed in descending order of importance:
|
Resource category | N/A | N/A | N/A |
Resource URI/name | <object> | String | The resource URI/name associated with the task. |
Message | <subject> | String | The output message that appears in the audit log. |