Pattern 1 : Authd Messages
Classification
Rule Name | Rule Type | Common Event | Classification |
|---|---|---|---|
| Pattern 1 : Authd Messages | Base Rule | General Information | Information |
| Authd : Local Connection For MKS Established | Sub Rule | MKS Connection Established | Other Audit Success |
| Authd : Login | Sub Rule | User Logon | Authentication Success |
Mapping with LogRhythm Schema
| Device Key in Log Message | LogRhythm Schema | Data Type |
|---|---|---|
| tag1 | <tag1> | Text/String |
| sip | <sipn> | Number |
| session | <session> | Text/String |