Pattern 15 : Specific Errors And Warnings (VMWare)
Vendor Documentation
https://www.vmware.com/in/products/esxi-and-esx.html https://www.vmware.com/topics/glossary/content/bare-metal-hypervisor |
Classification
Rule Name | Rule Type | Common Event | Classification |
|---|---|---|---|
| Pattern 15 : Specific Errors And Warnings | Base Rule | General Error Information | Error |
| Transport Error : Fatal Error | Sub Rule | Fatal Error | Critical |
| Read From Socket Failed | Sub Rule | Socket Error | Error |
| Too Many Hops : Message Not Delivered | Sub Rule | Too Many Hops | Error |
| Cannot Create Transcript File Because It Exists | Sub Rule | Can't Create Transcript File Because It Exists | Error |
| Cannot Save Rejected Email Anywhere | Sub Rule | Unable To Save Rejected Email | Warning |
| Waiting For Busy File System | Sub Rule | Waiting For Busy File System | Warning |
| Corrupt Label On Disk | Sub Rule | Corrupt Label On Disk | Error |
| Command Failed To Complete : Device Missing | Sub Rule | Command Execution Failure | Access Failure |
| Too Many Authentication Failures | Sub Rule | Suspicious Activity | Suspicious |
Mapping with LogRhythm Schema
| Device Key in Log Message | LogRhythm Schema | Data Type |
|---|---|---|
| severity | <severity> | Text/String |
| process | <process> | Text/String |
| processid | <processid> | Number |
| tag3 | <tag3> | Text/String |
| object | <object> | Text/String |
| quantity | <quantity> | Number |
| sender | <sender> | Text/String |
| recipient | <recipient> | Text/String |
| subject | <subject> | Text/String |
| login | <login> | Text/String |