Classification
|
Rule Name |
Rule Type |
Classification |
Common Event |
|---|---|---|---|
|
Received Vendor ID Payload |
Sub Rule |
Other Audit Success |
Message Received |
|
Ignoring Vender ID Payload |
Sub Rule |
Information |
Ignore Request |
|
Packet Received |
Base Rule |
Network Traffic |
Packet Received |
|
Informational Exchange For Unknown SA |
Sub Rule |
Information |
Information Exchange For Unknown SA |
Mapping with LogRhythm Schema
|
Device Key in Log Message |
LogRhythm Schema |
Data Type |
|---|---|---|
|
USER |
<severity> |
Text/String |
|
21.11.2013 16:40:34 |
<dname> |
Text/String |
|
N/A |
<process> |
Text/String |
|
packet from |
<sip> |
Number |
|
N/A |
<sport> |
Number |
|
N/A |
<subject> |
Text/String |
|
N/A |
<objectname> |
Text/String |