Classification

| Rule Name | Rule Type | Common Event | Classification |
|---|---|---|---|
| Pattern 15 : Specific Errors And Warnings | Base Rule | General Error Information | Error |
| Transport Error : Fatal Error | Sub Rule | Fatal Error | Critical |
| Read From Socket Failed | Sub Rule | Socket Error | Error |
| Too Many Hops : Message Not Delivered | Sub Rule | Too Many Hops | Error |
| Cannot Create Transcript File Because It Exists | Sub Rule | Can't Create Transcript File Because It Exists | Error |
| Cannot Save Rejected Email Anywhere | Sub Rule | Unable To Save Rejected Email | Warning |
| Waiting For Busy File System | Sub Rule | Waiting For Busy File System | Warning |
| Corrupt Label On Disk | Sub Rule | Corrupt Label On Disk | Error |
| Command Failed To Complete : Device Missing | Sub Rule | Command Execution Failure | Access Failure |
| Too Many Authentication Failures | Sub Rule | Suspicious Activity | Suspicious |

Mapping with LogRhythm Schema

| Device Key in Log Message | LogRhythm Schema | Data Type |
|---|---|---|
| N/A | <severity> | Text\String |
| N/A | <login> | Text\String |
| N/A | <process> | Text\String |
| N/A | <processid> | Number |
| N/A | <object> | Text\String |
| N/A | <subject> | Text\String |
| N/A | <sender> | Text\String |
| N/A | <subject> | Text\String |
| N/A | <recipient> | Text\String |
| N/A | <quantity> | Number |
| N/A | <tag3> | Text\String |