Classification
| Rule Name | Rule Type | Classification | Common Event |
|---|---|---|---|
| Pattern 1 : Sendmail Mail To Messages | Base Rule | Information | General Sendmail Information |
| Sendmail: Email Delivery Message Sent | Sub Rule | Information | Email Delivery Message Sent |
| Sendmail: Email Delivery Remote Protocol Error | Sub Rule | Error | Email Delivery Remote Protocol Error |
| Sendmail: Email Delivery Message Queued | Sub Rule | Information | Email Delivery Message Queued |
| Sendmail: Email Delivery I/O Error | Sub Rule | Error | Email Delivery I/O Error |
| Sendmail: Email Delivery Message Deferred | Sub Rule | Information | Email Delivery Message Deferred |
| Sendmail: Email Delivery User Unknown | Sub Rule | Warning | Email Delivery User Unknown |
| Sendmail: Email Delivery Local Configuration Error | Sub Rule | Error | Email Delivery Local Configuration Error |
| Sendmail: Email Delivery Internal Error | Sub Rule | Error | Email Delivery Internal Error |
| Sendmail: Email Delivery Host Unknown | Sub Rule | Warning | Email Delivery Host Unknown |
| Sendmail: Email Delivery Data Format Error | Sub Rule | Error | Email Delivery Data Format Error |
| Sendmail: Email Delivery Service Unavailable | Sub Rule | Warning | Email Delivery Service Unavailable |
| Sendmail: Headers Too Large | Sub Rule | Warning | Header Length Exceeds The Configured Threshold |
| Sendmail: Transient Parse Error | Sub Rule | Error | Parse Error |
| Sendmail: Cannot Send Message For 5 Days | Sub Rule | Information | Message Delivery Delayed |

Mapping with LogRhythm Schema
| Device Key in Log Message | LogRhythm Schema | Data Type |
|---|---|---|
| stat | <vmid> | Text\String |
| Connection refused by | <dip> | IP Address |
| N/A | <object> | Text\String |
| to | <recipient> | Text\String |
| ctladdr | N/A | N/A |
| delay | <duration> | Time |
| xdelay | N/A | N/A |
| mailer | N/A | N/A |
| pri | N/A | N/A |
| N/A | <quantity> | Number |
| N/A | <tag1> | Text\String |