Pattern 3 : PGP Client Messages
Classification
Rule Name | Rule Type | Classification | Common Event |
|---|---|---|---|
| PGP Client : Mount Success | Sub Rule | Information | File System Mounted |
| PGP Client : Encrypted Bytes | Sub Rule | Information | Using Encryption For Client |
| PGP Client : Item Not Found | Sub Rule | Error | Entry Not Found |
| PGP Client : Authenticated | Sub Rule | Other Audit Success | Session Authenticated |
| PGP Client : Universal Satellite Service Running | Sub Rule | Information | Running Process |
| PGP Client : Universal USP Service Running | Sub Rule | Information | Running Process |
| PGP Client : Started Encryption | Sub Rule | Information | Encryption Process Starting |
| PGP Client : Encrypted Bytes | Sub Rule | Information | Encryption Process |
| PGP Client : Resumed Encryption | Sub Rule | Information | Encryption Process |
| PGP Client : Update WDRT | Sub Rule | Information | Update Event |
| PGP Client : Status Unchanged | Sub Rule | Information | Task Status |
| PGP Client : Connection Established | Sub Rule | Network Traffic | Network Connection Established |
| PGP Client : Unknown Error | Sub Rule | Error | Unknown Error |
| PGP Client : Request UploadKey | Sub Rule | Information | Client Sending Request |
| PGP Client : Request SendLogString | Sub Rule | Information | Client Sending Request |
| PGP Client : Request SendEvent | Sub Rule | Information | Client Sending Request |
| PGP Client : Request GetWDRT | Sub Rule | Information | Client Sending Request |
| PGP Client : Request GetUpdatedTimes | Sub Rule | Information | Client Sending Request |
| PGP Client : Request GetPrefs | Sub Rule | Information | Client Sending Request |
| PGP Client : Request GetCustomizationData | Sub Rule | Information | Client Sending Request |
| PGP Client : Request GenerateKey | Sub Rule | Information | Client Sending Request |
| PGP Client : Request DownloadKey | Sub Rule | Information | Client Sending Request |
| PGP Client : Request GetNonExpiringCookie | Sub Rule | Information | Client Sending Request |
| PGP Client : Request GetLDAPUserInfo | Sub Rule | Information | Client Sending Request |
| PGP Client : Request GetKeyByKeyID | Sub Rule | Information | Client Sending Request |
| PGP Client : Request GetGranularPolicy | Sub Rule | Information | Client Sending Request |
| PGP Client : Request GetEchoVersionAvailable | Sub Rule | Information | Client Sending Request |
| PGP Client : Request GetEchoPrefs | Sub Rule | Information | Client Sending Request |
| PGP Client : Not Signed By A Trusted Certificate | Sub Rule | Warning | Client Rejected Certificate |
| PGP Client : Mount Failure | Sub Rule | Error | File System Mount Failure |
| PGP Client : FIPS Integrity Checks Disabled | Sub Rule | Information | General FIPS Message |
| PGP Client : Device Detected | Sub Rule | Information | Device Detected |
| PGP Client : Machine Detected | Sub Rule | Information | Device Detected |
| PGP Client : GetGranularPolicy | Sub Rule | Information | Policy Summary |
| Pattern 3 : PGP Client Messages | Base Rule | Information | General PGP Message |
Mapping with LogRhythm Schema
Device Key in Log Message | LogRhythm Schema | Data Type |
|---|---|---|
| LOC5 | <severity> | Text/String |
| N/A | <sname> | Text/String |
| user | <dname> | Text/String |
| N/A | <account> | Text/String |
| N/A | <process> | Text/String |
| N/A | <processid> | Number |
| N/A | <object> | Text/String |
| N/A | <tag3> | Text/String |
| N/A | <sip> | Number |
| N/A | <sport> | Number |
| N/A | <login> | Text/String |
| N/A | <amount> | Number |
| N/A | <quantity> | Number |