Miscllaneous MID Messages
Vendor Documentation
Classification
| Rule Name | Rule Type | Classification | Common Event |
|---|---|---|---|
| Miscellaneous MID Messages | Base Rule | Ops/Information | General Information |
Mapping with LogRhythm Schema
| Device Key in Log Message | Log Value | LogRhythm Schema | Data Type | Schema Description |
| INFO | <severity> | Text\String | ||
| <sip> | IP Address | |||
| <domain> | Text\String | |||
| MID | 6508066 | <session> | Text\String | |
| 6507972 | <object> | Number | ||
| <objectname> | Text\String | |||
| <objecttype> | Number | |||
| duplicate-quarantine filter | <subject> | Text\String | ||
| <hash> | Text\String | |||
| Suspicious_Attachment | <result> | Text\String | ||
| <status> | Text\String | |||
| <recipient> | Text\String |