Network Connection Messages
Vendor Documentation
Classification
| Rule Name | Rule Type | Classification | Common Event |
|---|---|---|---|
| Network Connection Messages | Base Rule | Information | Network Information Message |
| Data Successfully Transferred | Sub Rule | Network Traffic | Transfer Complete |
| Request Tunneled Using CONNECT Method | Sub Rule | Network Traffic | Transfer Complete |
| Returned Object Not Cacheable | Sub Rule | Information | Cache Information |
| Requested Object Not In Cache | Sub Rule | Information | Content Not In Cache |
| Access To Object Denied By Filter | Sub Rule | Access Failure | Access Object Failure |
| Policy Denied A Method | Sub Rule | Information | General POLICY Information |
| Failure Occurred | Sub Rule | Warning | Tunnel Setup Failure |
| New Content Returned From Forced GIMS Request | Sub Rule | Information | Results Returned |
| Client Forced Revalidation With Origin Server | Sub Rule | Information | General Authentication Attempt |
| Valid Copy Of Object In Cache | Sub Rule | Information | Valid Content In Cache |
| TCP Accelerated | Sub Rule | Information | General Proxy Information |
Mapping with LogRhythm Schema
Device Key in Log Message | LogRhythm Schema | Data Type |
|---|---|---|
N/A | <vmid> | Text/String/Number |
| N/A | <severity> | Text/String/Number |
| N/A | <sip> | Ip Address |
| N/A | <dip> | Ip Address |
| N/A | <dname> | Text/String |
| N/A | <sport> | Number |
| N/A | <protname> | Text/String |
| N/A | <useragent> | Text/String |
| N/A | <url> | Text/String |
| N/A | <group> | Text/String |
| N/A | <command> | Text/String |
| N/A | <duration> | Number |