Pattern 11 : HTTP Syslog
Vendor Documentation
Classification
| Rule Name | Rule Type | Classification | Common Event |
|---|---|---|---|
| Pattern 11 : HTTP Syslog | Base Rule | Ops/Information | General HTTP Information |
| HTTP URL Accessed | Sub Rule | Audit/Access Success | Object Accessed |
| HTTP Session Expired | Sub Rule | Ops/Information | Session Expired |
| HTTP User Login | Sub Rule | Audit/Authentication Success | User Logon |
| HTTP VOF History Unavailable | Sub Rule | Ops/Warning | VOF History Unavailable |
| HTTP Virus Threat Level Unavailable | Sub Rule | Ops/Warning | Virus Threat Level Unavailable |
| HTTP SSL Handshake Failure | Sub Rule | Ops/Error | SSL Handshake Failure |
| HTTPS Connection Error | Sub Rule | Ops/Error | Connection Error |
| HTTP Page Not Found | Sub Rule | Ops/Error | HTTP 404 : Request Error - Not Found |
Mapping with LogRhythm Schema
| Device Key in Log Message | LogRhythm Schema | Data Type | Schema Description |
|---|---|---|---|
| <dip> | IP Address | | |
| <sip> | IP Address | | |
| <sport> | Number | | |
| <dport> | Number | | |
| <login> | Text\String | | |
| <session> | Text\String | | |
| <object> | Text\String | | |
| <url> | Text\String | | |
| <tag1> | Text\String | | |
| <tag2> | Text\String | | |