Pattern 3 : General Audit Events
Classification
Rule Name | Rule Type | Classification | Common Event |
|---|---|---|---|
| Pattern 3 : General Audit Events | Base Rule | Other Audit Success | General Audit |
| System Booted | Sub Rule | Startup and Shutdown | System Started |
| System Halted | Sub Rule | Startup and Shutdown | System Shutdown |
| Sendmail Rejecting Connections | Sub Rule | Warning | SENDMAIL Warning |
| System Rebooted | Sub Rule | Startup and Shutdown | System Restarted |
Mapping with LogRhythm Schema
Device Key in Log Message | LogRhythm Schema | Data Type |
|---|---|---|
| N/A | <login> | Text/String |
| N/A | <tag1> | Text/String |