Skip to main content
Skip table of contents

Patt 5 : SMTP Session Messages

Classification

Rule Name

Rule Type

Common Event

Classification

Patt 5 : SMTP Session MessagesBase RuleGeneral InformationInformation
Rejected MessageSub RuleSuspicious E-mail ActivitySuspicious
Accepted MessageSub RuleMessage AcceptedOther Audit Success
Timeout MessageSub RuleConnection TimeoutWarning
SMTP Session DeletedSub RuleSession EndedInformation
Looking For Session RelaySub RuleSession InformationInformation
Lookup SMTP SessionSub RuleSession InformationInformation
Put SMTP SessionSub RuleSession InformationInformation
Reloaded Session RelaySub RuleSession StartedOther Audit Success
Save Session RelaySub RuleSession InformationInformation

Mapping with LogRhythm Schema  

Device Key in Log Message

LogRhythm Schema

Data Type

N/A<processid>Number
N/A<subject>Text/String
N/A<sname>String
N/A<sip>Number
N/A<sport>Text/String/Number
N/A<tag1>Text/String
N/A<session>.String
N/A<sender>String
N/A<recipient>String
N/A<protname>String
N/A<vendorinfo>String
N/A<dip>Number
N/A<dport>Text/String/Number
JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close