Pattern 14 : CASE Anti-Spam | LogRhythm Documentation

Vendor Documentation

https://www.cisco.com/c/en/us/td/docs/security/esa/esa11-1/user_guide/b_ESA_Admin_Guide_11_1/b_ESA_Admin_Guide_chapter_0100110.html

Rule Name	Rule Type	Classification	Common Event
Pattern 14 : CASE Anti-Spam	Base Rule	Ops/Information	General Information
Stderr Method Removed	Sub Rule	Ops/Information	Stderr Method Removed
Case-Daemon Shutdown	Sub Rule	Audit/Startup and Shutdown	Process/Service Stopping
Case-Daemon Started	Sub Rule	Audit/Startup and Shutdown	Process/Service Started
Regional Profile Assignment	Sub Rule	Ops/Information	Regional Profile Assignment
Configuration Loaded	Sub Rule	Audit/Configuration	Configuration Modified : System
Spam Case Successful	Sub Rule	Ops/Information	CASE Operation Successful
CASE Operation Failed	Sub Rule	Ops/Warning	CASE Operation Failed