Classification

| Rule Name | Rule Type | Common Event | Classification |
|---|---|---|---|
| Pattern 20 : Informational Messages 2 | Base Rule | General Information | Information |
| Invalid Argument | Sub Rule | Invalid Argument | Information |
| IP Address Leased | Sub Rule | IP Address Leased | Information |
| Received Disconnect | Sub Rule | Disconnect Request Received | Information |
| Statistics : Amount Dropped | Sub Rule | System Statistics | Information |
| NTPD Synchronized | Sub Rule | Synchronization Finished | Information |
| UUID Functionality Is Not Supported | Sub Rule | UUID Not Supported | Information |
| SeLinux Is Preventing Read | Sub Rule | Access Object Failure | Access Failure |
| SeLinux Is Preventing Read Write | Sub Rule | Access Object Failure | Access Failure |
| SeLinux Is Preventing Append | Sub Rule | Modify Object Failure | Access Failure |
| You Must Exec Login From Lowest Login Shell | Sub Rule | LOGIN Error | Error |

Mapping with LogRhythm Schema

| Device Key in Log Message | LogRhythm Schema | Data Type |
|---|---|---|
| N/A | <severity> | Text\String |
| N/A | <dip> | Number |
| N/A | <dname> | Text\String |
| N/A | <process> | Text\String |
| N/A | <processid> | Number |
| N/A | <subject> | Text\String |
| N/A | <object> | Text\String |
| N/A | <command> | Text\String |
| N/A | <amount> | Number |
| N/A | <tag2> | Text\String |
| N/A | <tag1> | Text\String |