Breadcrumbs

Pattern 27 : Group Policy Message

Classification

Rule Name

Rule Type

Common Event

Classification

Pattern 27 : Group Policy Message

Base Rule

General POLICY Information

Information

Accumulating Settings From GPOs

Sub Rule

Policy Created : Domain

Policy

Applying Settings Changes

Sub Rule

Policy Modified : Domain

Policy

Updating VGP From Policy

Sub Rule

Policy Modified : Domain

Policy

VGP Apply Policy

Sub Rule

Policy Enabled : Domain

Policy

Sending User Account Information

Sub Rule

Sending Request

Information

Removed Existing ADM Policy Settings

Sub Rule

Policy Modified : Domain

Policy

Group Policy Host Information

Sub Rule

Host Description

Information

Empty Group Policy Log

Sub Rule

General POLICY Information

Information

GUID Information

Sub Rule

Instance Information

Information

MS Outlook Information

Sub Rule

General Outlook Information

Information

Mapping with LogRhythm Schema  

Device Key in Log Message

LogRhythm Schema

Data Type

N/A

<sname>

Text\String

N/A

<dname>

Text\String

N/A

<sport>

Number

N/A

<object>

Text\String

N/A

<tag2>

Text\String

N/A

<tag1>

Text\String