Mail_logs : AMP File Reputation
Vendor Documentation
Classification
| Rule Name | Rule Type | Classification | Common Event |
|---|---|---|---|
| Mail_logs : AMP File Reputation | Base Rule | Ops/Information | General Reputation Information |
Mapping with LogRhythm Schema
| Device Key in Log Message | LogRhythm Schema | Data Type | Schema Description |
| <vendorinfo> | Text\String | ||
<severity> | Text\String | ||
| MID | <session> | Number | |
| <processid> | Number | ||
| <object> | Text\String | ||
| <objecttype> | Text\String | ||
| <subject> | Text\String | ||
| <action> | Text\String | ||
| <reason> | Text\String | ||
| <status> | Text\String |