Pattern 19 : Informational Messages
Classification
Rule Name | Rule Type | Common Event | Classification |
|---|---|---|---|
| Authentication Failure | Sub Rule | Authentication Failure Activity | Authentication Failure |
| Connection Closed | Sub Rule | Connection Closed | Network Traffic |
| Pattern 19 : Informational Messages | Base Rule | General Syslog Information | Information |
| SMTP Server Not Issuing Commands | Sub Rule | SMTP Warning | Warning |
| Segmentation Fault | Sub Rule | Segmentation Fault | Error |
| Received Disconnect | Sub Rule | Disconnect Request Received | Information |
| SFTP Request Received | Sub Rule | SFTP Request | Information |
| UUID Functionality Is Not Supported | Sub Rule | UUID Not Supported | Information |
| Accepted Keyboard Interactive/Pam | Sub Rule | User Logon | Authentication Success |
| Failed Login - Illegal User | Sub Rule | User Logon Failure : Bad Username | Authentication Failure |
| Accepted Publickey | Sub Rule | Authentication Activity | Authentication Success |
| Superuser Accepted Publickey | Sub Rule | Authentication Activity | Authentication Success |
| Yum Informational Message | Sub Rule | Yum Logs | Information |
| Subsystem Request | Sub Rule | Subsystem Request | Information |
| General Login Counter Message | Sub Rule | General Login Counter Message | Information |
| Login Counter Message : Tally Underflow | Sub Rule | Login Counter Underflow | Warning |
| Did Not Receive Identification String | Sub Rule | Did Not Receive Identification String | Information |
| Write Failed | Sub Rule | Write Failed | Error |
| General Pam_Access | Sub Rule | General PAM_Access Message | Information |
| General PAM_Securetty | Sub Rule | General PAM_SecureTTY Message | Information |
| Failed Login | Sub Rule | User Logon Failure | Authentication Failure |
| General PAM_Securetty Access Denied | Sub Rule | Access Object Failure | Access Failure |
| Connection Made | Sub Rule | Traffic Allowed by Network Firewall | Network Allow |
Mapping with LogRhythm Schema
| Device Key in Log Message | LogRhythm Schema | Data Type |
| N/A | <severity> | Text\String |
| N/A | <login> | Text\String |
| N/A | <dname> | Text\String |
| N/A | <sname> | Text\String |
| N/A | <protname> | Text\String |
| N/A | <object> | Text\String |
| N/A | <subject> | Text\String |
| N/A | <process> | Text\String |
| N/A | <processid> | Number |
| N/A | <tag2> | Text\String |
| N/A | <tag3> | Text\String |
| N/A | <sip> | Numeric |
| N/A | <sport> | Number |
| N/A | <tag4> | Text\String |