Skip to main content
Skip table of contents

Pattern 1 : General Messages

Classification

Rule Name

Rule Type

Common Event

Classification

Pattern 1 : General MessagesBase RuleGeneral InformationInformation
Firewall Drop Ping DisabledSub RuleConfiguration Modified : Network AccessConfiguration
Firewall Drop Traceroute DisabledSub RuleConfiguration Modified : Network AccessConfiguration
Web Server Settings: ChangedSub RuleConfiguration Modified : SystemConfiguration
Syslog Settings: ChangedSub RuleConfiguration Modified : SystemConfiguration
Syslog Event Export InitiatedSub RuleProcess/Service StartingStartup and Shutdown
Syslog Events AcknowledgedSub RuleSyslog Events AcknowledgedInformation
Device RebootedSub RuleSystem RestartedStartup and Shutdown
Device HaltedSub RuleSystem ShutdownStartup and Shutdown
Global Network Settings: ChangedSub RuleConfiguration Modified : SystemConfiguration
Password Change Scheduler: DisabledSub RuleConfiguration Modified : SystemConfiguration
Password Change Scheduler: EnabledSub RuleConfiguration Modified : SystemConfiguration
Password Change InitiatedSub RuleConfiguration Modified : SystemConfiguration
Password Generation InitiatedSub RuleConfiguration Modified : SystemConfiguration
Passwords Reverted To Initial ValuesSub RuleConfiguration Modified : SystemConfiguration
Password Change Scheduler: ModifiedSub RuleConfiguration Modified : SystemConfiguration
Connection Directory: Update InitiatedSub RuleConfiguration Modified : SystemConfiguration
Login to Web: SuccessfulSub RuleUser LogonAuthentication Success
Audit Report : DeletedSub RuleConfiguration Modified : Directory ServicesConfiguration
Audit Report : DownloadedSub RuleConfiguration Modified : Directory ServicesConfiguration
Audit Report : Generated From Local Log ItemsSub RuleConfiguration Modified : Directory ServicesConfiguration
LDAP User Attribute Mappings: ChangedSub RuleConfiguration Modified : Directory ServicesConfiguration
LDAP Group Mapping: Mapping DeletedSub RuleConfiguration Modified : Directory ServicesConfiguration
LDAP Group Mapping: Mapping CreatedSub RuleConfiguration Modified : Directory ServicesConfiguration
LDAP Bind DN Password: ChangedSub RuleConfiguration Modified : Directory ServicesConfiguration
LDAP: Settings ChangedSub RuleConfiguration Modified : Directory ServicesConfiguration
IPsec Drop on OCSP Loss: EnabledSub RuleConfiguration Modified : SystemConfiguration
IPsec: EnabledSub RuleConfiguration Modified : SystemConfiguration
IPsec: DisabledSub RuleConfiguration Modified : SystemConfiguration
IPsec Drop on OCSP Loss: DisabledSub RuleConfiguration Modified : SystemConfiguration
Firmware: Update InitiatedSub RuleSoftware UpdatedConfiguration
Firewall Allow All Encrypted: DisabledSub RuleConfiguration Modified : SystemConfiguration
Firewall Must Be Encrypted: EnabledSub RuleConfiguration Modified : SystemConfiguration
Firewall Drop Traceroute: EnabledSub RuleConfiguration Modified : SystemConfiguration
Firewall Drop Ping: EnabledSub RuleConfiguration Modified : SystemConfiguration
Firewall Allow All Encrypted: EnabledSub RuleConfiguration Modified : SystemConfiguration
Firewall Must Be Encrypted: DisabledSub RuleConfiguration Modified : SystemConfiguration
Usage Policy: ChangedSub RulePolicy Modified : SystemPolicy
Passwords Reverted To Initial ValuesSub RuleConfiguration Modified : SystemConfiguration

Mapping with LogRhythm Schema  

Device Key in Log MessageLogRhythm SchemaData Type
N/A<vmid>Text\String
N/A<subject>Text\String
N/A<sip>IP Address
N/A<login>Text\String
N/A<tag1>Text\String
N/A<tag2>Text\String
JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close