Vendor Documentation
Classification
|
Rule Name |
Rule Type |
Classification |
Common Event |
|---|---|---|---|
|
Netskope : Infrastructure Event |
Base Rule |
Information |
General Information Log Message
|
|
Netskope : Device Restarted |
Sub Rule |
Startup and Shutdown |
System Restarted |
|
Netskope : Host\Service Unreachable |
Sub Rule |
Error |
Destination Unreachable |
|
Netskope : Data Not Received From Device |
Sub Rule |
Warning |
Health Warning |
|
Netskope : Disk Usage Warning |
Sub Rule |
Warning |
Disk Capacity Warning |
Mapping with LogRhythm Schema
|
Device Key in Log Message |
LogRhythm Schema |
Data Type |
|---|---|---|
|
Device vendor |
N/A |
N/A |
|
device product |
N/A |
N/A |
|
Device version |
N/A |
N/A |
|
Device event class id |
<vmid> |
Text/String |
|
Event name |
N/A |
N/A |
|
Severity of the event |
<severity> |
Text/String |
|
timestamp |
N/A |
N/A |
|
device |
<object> |
Text/String |
|
infAlarmDescription |
<vendorinfo>
|
Text/String |
|
infAlarmName |
N/A |
N/A |
|
infSerial |
N/A |
N/A |