
Network Traffic

Classification

| Rule Name | Rule Type | Common Event | Classification |
|---|---|---|---|
| Network Traffic | Base Rule | General Network Traffic Log Message | Network Traffic |
| Blocked Network Traffic | Sub Rule | Traffic Denied by Network Firewall | Network Deny |
| Allowed Network Traffic | Sub Rule | Traffic Allowed by Network Firewall | Network Allow |
| Anonymizer : Blocked | Sub Rule | Traffic Denied by Network Firewall | Network Deny |
| Anonymizer : Allowed | Sub Rule | Traffic Allowed by Network Firewall | Network Allow |
| Blacklist : Allowed | Sub Rule | Traffic Allowed by Network Firewall | Network Allow |
| Blacklist : Blocked | Sub Rule | Traffic Denied by Network Firewall | Network Deny |
| Blogs : Allowed | Sub Rule | Traffic Allowed by Network Firewall | Network Allow |
| Blogs : Blocked | Sub Rule | Traffic Denied by Network Firewall | Network Deny |
| Business and Economy : Allowed | Sub Rule | Traffic Allowed by Network Firewall | Network Allow |
| Continuing Education/Colleges : Blocked | Sub Rule | Traffic Denied by Network Firewall | Network Deny |
| Continuing Education/Colleges : Allowed | Sub Rule | Traffic Allowed by Network Firewall | Network Allow |
| Business and Economy : Blocked | Sub Rule | Traffic Denied by Network Firewall | Network Deny |
| Corporate Marketing : Allowed | Sub Rule | Traffic Allowed by Network Firewall | Network Allow |
| Corporate Marketing : Blocked | Sub Rule | Traffic Denied by Network Firewall | Network Deny |
| Discussion Forums : Allowed | Sub Rule | Traffic Allowed by Network Firewall | Network Allow |
| Discussion Forums : Blocked | Sub Rule | Traffic Denied by Network Firewall | Network Deny |
| Education : Allowed | Sub Rule | Traffic Allowed by Network Firewall | Network Allow |
| Education : Blocked | Sub Rule | Traffic Denied by Network Firewall | Network Deny |
| Entertainment : Allowed | Sub Rule | Traffic Allowed by Network Firewall | Network Allow |
| Entertainment : Blocked | Sub Rule | Traffic Denied by Network Firewall | Network Deny |
| File Host : Allowed | Sub Rule | Traffic Allowed by Network Firewall | Network Allow |
| Finance : Blocked | Sub Rule | Traffic Denied by Network Firewall | Network Deny |
| Finance : Allowed | Sub Rule | Traffic Allowed by Network Firewall | Network Allow |
| File Host : Blocked | Sub Rule | Traffic Denied by Network Firewall | Network Deny |
| Flowserve-BlackList : Allowed | Sub Rule | Traffic Allowed by Network Firewall | Network Allow |
| Flowserve-BlackList : Blocked | Sub Rule | Traffic Denied by Network Firewall | Network Deny |
| Gambling : Allowed | Sub Rule | Traffic Allowed by Network Firewall | Network Allow |
| Gambling : Blocked | Sub Rule | Traffic Denied by Network Firewall | Network Deny |
| Games : Allowed | Sub Rule | Traffic Allowed by Network Firewall | Network Allow |
| Games : Blocked | Sub Rule | Traffic Denied by Network Firewall | Network Deny |
| Hobbies/Leisure : Allowed | Sub Rule | Traffic Allowed by Network Firewall | Network Allow |
| Hobbies/Leisure : Blocked | Sub Rule | Traffic Denied by Network Firewall | Network Deny |
| Image Host : Allowed | Sub Rule | Traffic Allowed by Network Firewall | Network Allow |
| Image Host : Blocked | Sub Rule | Traffic Denied by Network Firewall | Network Deny |
| Information Technology : Allowed | Sub Rule | Traffic Allowed by Network Firewall | Network Allow |
| Information Technology : Blocked | Sub Rule | Traffic Denied by Network Firewall | Network Deny |
| Internet Services : Allowed | Sub Rule | Traffic Allowed by Network Firewall | Network Allow |
| Internet Services : Blocked | Sub Rule | Traffic Denied by Network Firewall | Network Deny |
| K-12 : Allowed | Sub Rule | Traffic Allowed by Network Firewall | Network Allow |
| K-12 : Blocked | Sub Rule | Traffic Denied by Network Firewall | Network Deny |
| Miscellaneous or Unknown : Allowed | Sub Rule | Traffic Allowed by Network Firewall | Network Allow |
| Miscellaneous or Unknown : Blocked | Sub Rule | Traffic Denied by Network Firewall | Network Deny |
| Music : Allowed | Sub Rule | Traffic Allowed by Network Firewall | Network Allow |
| Music : Blocked | Sub Rule | Traffic Denied by Network Firewall | Network Deny |
| News and Media : Allowed | Sub Rule | Traffic Allowed by Network Firewall | Network Allow |
| News and Media : Blocked | Sub Rule | Traffic Denied by Network Firewall | Network Deny |
| Office_365 : Allowed | Sub Rule | Traffic Allowed by Network Firewall | Network Allow |
| Office_365 : Blocked | Sub Rule | Traffic Denied by Network Firewall | Network Deny |
| Online Chat : Allowed | Sub Rule | Traffic Allowed by Network Firewall | Network Allow |
| Online Chat : Blocked | Sub Rule | Traffic Denied by Network Firewall | Network Deny |
| Online Shopping : Allowed | Sub Rule | Traffic Allowed by Network Firewall | Network Allow |
| Online Shopping : Blocked | Sub Rule | Traffic Denied by Network Firewall | Network Deny |
| Portals : Allowed | Sub Rule | Traffic Allowed by Network Firewall | Network Allow |
| Portals : Blocked | Sub Rule | Traffic Denied by Network Firewall | Network Deny |
| Professional Services : Allowed | Sub Rule | Traffic Allowed by Network Firewall | Network Allow |
| Professional Services : Blocked | Sub Rule | Traffic Denied by Network Firewall | Network Deny |
| Radio Stations : Allowed | Sub Rule | Traffic Allowed by Network Firewall | Network Allow |
| Radio Stations : Blocked | Sub Rule | Traffic Denied by Network Firewall | Network Deny |
| Real Estate : Allowed | Sub Rule | Traffic Allowed by Network Firewall | Network Allow |
| Real Estate : Blocked | Sub Rule | Traffic Denied by Network Firewall | Network Deny |
| Reference Sites : Allowed | Sub Rule | Traffic Allowed by Network Firewall | Network Allow |
| Reference Sites : Blocked | Sub Rule | Traffic Denied by Network Firewall | Network Deny |
| Science/Tech : Allowed | Sub Rule | Traffic Allowed by Network Firewall | Network Allow |
| Science/Tech : Blocked | Sub Rule | Traffic Denied by Network Firewall | Network Deny |
| Shareware Download : Allowed | Sub Rule | Traffic Allowed by Network Firewall | Network Allow |
| Shareware Download : Blocked | Sub Rule | Traffic Denied by Network Firewall | Network Deny |
| Shopping and Auctions : Allowed | Sub Rule | Traffic Allowed by Network Firewall | Network Allow |
| Shopping and Auctions : Blocked | Sub Rule | Traffic Denied by Network Firewall | Network Deny |
| Social Networking : Allowed | Sub Rule | Traffic Allowed by Network Firewall | Network Allow |
| Social Networking : Blocked | Sub Rule | Traffic Denied by Network Firewall | Network Deny |
| Special Interests/Social Organizations : Allowed | Sub Rule | Traffic Allowed by Network Firewall | Network Allow |
| Special Interests/Social Organizations : Blocked | Sub Rule | Traffic Denied by Network Firewall | Network Deny |
| Sports : Allowed | Sub Rule | Traffic Allowed by Network Firewall | Network Allow |
| Sports : Blocked | Sub Rule | Traffic Denied by Network Firewall | Network Deny |
| Spyware/Adware : Allowed | Sub Rule | Detected Spyware Activity | Malware |
| Spyware/Adware : Blocked | Sub Rule | Failed Spyware Activity | Failed Malware |
| Streaming Media : Allowed | Sub Rule | Traffic Allowed by Network Firewall | Network Allow |
| Streaming Media : Blocked | Sub Rule | Traffic Denied by Network Firewall | Network Deny |
| Television/Movies : Allowed | Sub Rule | Traffic Allowed by Network Firewall | Network Allow |
| Television/Movies : Blocked | Sub Rule | Traffic Denied by Network Firewall | Network Deny |
| Travel : Allowed | Sub Rule | Traffic Allowed by Network Firewall | Network Allow |
| Travel : Blocked | Sub Rule | Traffic Denied by Network Firewall | Network Deny |
| User_Defined-Bypass_Authentication : Allowed | Sub Rule | Traffic Allowed by Network Firewall | Network Allow |
| User_Defined-Bypass_Authentication : Blocked | Sub Rule | Traffic Denied by Network Firewall | Network Deny |
| User_Defined-Bypass_SSL : Allowed | Sub Rule | Traffic Allowed by Network Firewall | Network Allow |
| User_Defined-Bypass_SSL : Blocked | Sub Rule | Traffic Denied by Network Firewall | Network Deny |
| User_Defined-O365-SSL_Bypass : Allowed | Sub Rule | Traffic Allowed by Network Firewall | Network Allow |
| User_Defined-O365-SSL_Bypass : Blocked | Sub Rule | Traffic Denied by Network Firewall | Network Deny |
| User-defined : Allowed | Sub Rule | Traffic Allowed by Network Firewall | Network Allow |
| User-defined : Blocked | Sub Rule | Traffic Denied by Network Firewall | Network Deny |
| Vehicles : Allowed | Sub Rule | Traffic Allowed by Network Firewall | Network Allow |
| Vehicles : Blocked | Sub Rule | Traffic Denied by Network Firewall | Network Deny |
| Web Banners : Allowed | Sub Rule | Traffic Allowed by Network Firewall | Network Allow |
| Web Banners : Blocked | Sub Rule | Traffic Denied by Network Firewall | Network Deny |
| Web Host : Allowed | Sub Rule | Traffic Allowed by Network Firewall | Network Allow |
| Web Host : Blocked | Sub Rule | Traffic Denied by Network Firewall | Network Deny |
| Web Search : Allowed | Sub Rule | Traffic Allowed by Network Firewall | Network Allow |
| Web Search : Blocked | Sub Rule | Traffic Denied by Network Firewall | Network Deny |
| Webmail : Allowed | Sub Rule | Traffic Allowed by Network Firewall | Network Allow |
| Webmail : Blocked | Sub Rule | Traffic Denied by Network Firewall | Network Deny |


Mapping with LogRhythm Schema  

| Device Key in Log Message | LogRhythm Schema | Data Type |
|---|---|---|
| login | <login> | Text/String |
| dname | <domainimpacted> | Text/String |
| dip | <dip> | Number |
| sip | <sip> | Number |
| natPublicIp | <snatip> | Number |
| website | <dport> | Number |
| url | <url> | Number/Text |
| ua | <useragent> | Number/Text |
| ua | <object> | Number/Text |
| module | <subject> | Text/String |
| proto | <protname> | Text/String |
| action | <action> | Text/String |
| action | <tag1> | Text/String |
| reason | <reason> | Text/String |
| appName | <parentprocessname> | Text/String |
| fileType | <objecttype> | Text/String |
| reqSize | <bytesout> | Number |
| responseSize | <bytesin> | Number |
| totalSize | <size> | Number |
| malwareCat | <status> | Text/String |
| threatName | <threatname> | Text/String |
| filename | <objectname> | Number/Text |
| bamd5 | <hash> | Number/Text |
| riskScore | <severity> | Number |
| location | <sinterface> | Number/Text |
| reqMethod | <command> | Text/String |
| respCode | <responsecode> | Number |
| urlClass | <policy> | Text/String |
| urlSuperCat | <session> | Text/String |
| urlCat | <tag2> | Text/String |
| urlCat | <group> | Text/String |
| referer | <vendorinfo> | Number/Text/String |