Classification
|
Rule Name |
Rule Type |
Classification |
Common Event |
|---|---|---|---|
|
NTP Messages |
Base Rule |
General NTP Information |
Information |
|
Kernel Time Sync |
Sub Rule |
System Time Information |
Information |
|
Positive Time Adjustment |
Sub Rule |
Time Adjusted |
Information |
|
Negative Time Adjustment |
Sub Rule |
Time Adjusted |
Information |
|
NTP: Listening On Router Socket |
Sub Rule |
Listener Message |
Information |
|
NTP: Peers Refreshed |
Sub Rule |
Peers Refreshed |
Information |
|
NTP Precision |
Sub Rule |
General NTP Information |
Information |
|
No Suitable Time Synchronization Server Found |
Sub Rule |
NTP Server Unreachable |
Error |
Mapping with LogRhythm Schema
|
Device Key in Log Message |
LogRhythm Schema |
Data Type |
|---|---|---|
|
SYSD |
<severity> |
Text/String |
|
Mar 20 17:03:59 |
<dname> |
Text/String |
|
N/A |
<process> |
Text/String |
|
Your |
<object> |
Text/String |
|
N/A |
<dip> |
IP Address |
|
N/A |
<dinterface> |
Text/String |
|
N/A |
<version> |
Number |
|
N/A |
<duration> |
Time |
|
proto: |
<tag1> |
Text/String |
|
usec |
N/A |
N/A |
|
N/A |
<tag2> |
Text/String |