Log Fields and Parsing
This section details the log fields available in this log message type, along with values parsed for both LogRhythm Default and LogRhythm Default v2.0 policies. A value of "N/A" (not applicable) means that there is no value parsed for a specified log field.
| Log Field | LogRhythm Default | LogRhythm Default v2.0 |
|---|---|---|
| Provider | <objectname>, <tag2> | N/A |
| EventID Qualifiers | <vmid> | N/A |
| Version | N/A | N/A |
| Level | <severity> | N/A |
| Task | N/A | N/A |
| Opcode | N/A | N/A |
| Keywords | N/A | N/A |
| TimeCreated | N/A | N/A |
| EventRecordID | N/A | N/A |
| Correlation | N/A | N/A |
| Execution ProcessID | <processid> | N/A |
| ThreadID | <session> | N/A |
| Channel | <object> | N/A |
| Computer | <dname> | N/A |
| Security | <domain> | N/A |
| SubjectUserName | <login> | N/A |
| SubjectDomainName | <domain> | N/A |
| UserData | <vendorinfo> | N/A |
| Account Name | <login> | N/A |
| Domain Name | <domain> | N/A |
Log Processing Settings
This section details log processing changes made from the LogRhythm Default policy to LogRhythm Default v2.0. In some cases, base rules are broken down into sub-rules to appropriately parse log message types by their event types.
LogRhythm Default
| Regex ID | Rule Name | Rule Type | Common Event | Classification |
|---|---|---|---|---|
| 1008252 | Pattern 4: General Informational Messages | Base Rule | General Operations | Other Operations |
| | EVID 104: Log Cleared Messages | Sub Rule | Log Cleared | Access Success |
| | EVID 1102: Audit Log Cleared Messages | Sub Rule | Log Cleared | Access Success |
| | EVID 10: Document Printed | Sub Rule | Document Printed | Other Audit Success |
| | EVID 1038: Unicast DHCP DB Cleanup Done | Sub Rule | DHCP Service Database Cleanup Completed | Information |
| | EVID 1039: MltCst DHCP DB Cleanup Done | Sub Rule | DHCP Service Database Cleanup Completed | Information |
| | EVID 13: Doc Deleted From Print Queue | Sub Rule | Document Deleted From Print Queue | Information |
| | General: Print Information | Sub Rule | General Print Information | Information |
| | General: Windows Browser Information | Sub Rule | General Windows Browser Information | Information |
| | General: Event Log Information | Sub Rule | General Event Log Information | Information |
| | General: SNMP Information | Sub Rule | General SNMP Information | Information |
| | General: ATAPI Information | Sub Rule | General ATAPI Information | Information |
| | General: DHCP Information | Sub Rule | DHCP Information | Information |
| | General: DHCP Information | Sub Rule | DHCP Information | Information |
| | General: System Information | Sub Rule | General System Information | Information |
| | General: LPXNDS Information | Sub Rule | General LPXNDS Information | Information |
| | General: Veritas Information | Sub Rule | General Veritas Information | Information |
| | General: CertObj Information | Sub Rule | General CertObj Information | Information |
| | General: IISCTLS Information | Sub Rule | General IISCTLS Information | Information |
| | General: Winacpci Information | Sub Rule | General Winacpci Information | Information |
| | General: Ultra66 Information | Sub Rule | General Ultra66 Information | Information |
| | General: Windows Update Agent Information | Sub Rule | General Windows Update Agent Information | Information |
| | General: EL90XBC Information | Sub Rule | General EL90XBC Information | Information |
| | General: Software Restriction Policy Information | Sub Rule | General Software Restriction Policy Information | Information |
| | General: NPFS Information | Sub Rule | General NPFS Information | Information |
| | General: Fastfat Information | Sub Rule | General Fastfat Information | Information |
| | General: EXIFS Information | Sub Rule | General EXIFS Information | Information |
| | General: Pelmouse Information | Sub Rule | General Pelmouse Information | Information |
| | General: LDMS Information | Sub Rule | General LDMS Information | Information |
| | General: PGPdisk Information | Sub Rule | General PGPdisk Information | Information |
| | General: BCM43XX Information | Sub Rule | General BCM43XX Information | Information |
| | General: DirectX Information | Sub Rule | General DirectX Information | Information |
| | General: Wanatw Information | Sub Rule | General Wanatw Information | Information |
| | General: Dtscsi Information | Sub Rule | General Dtscsi Information | Information |
| | General: Beep Information | Sub Rule | General Beep Information | Information |
| | General: Ql12160 Information | Sub Rule | General Ql12160 Information | Information |
| | General: Bcm4sbxp Information | Sub Rule | General Bcm4sbxp Information | Information |
| | General: Winachcf Information | Sub Rule | General Winachcf Information | Information |
| | General: VDS Basic Provider 1.0 Information | Sub Rule | General VDS Basic Provider 1.0 Information | Information |
| | General: Null Information | Sub Rule | General Null Information | Information |
| | General: Abiosdsk Information | Sub Rule | General Abiosdsk Information | Information |
| | General: AeLookupSvc Information | Sub Rule | General AeLookupSvc Information | Information |
| | General: ACPI Information | Sub Rule | General ACPI Information | Information |
| | General: TermServLicensing Information | Sub Rule | General TermServLicensing Information | Information |
| | General: SMCIRDA Information | Sub Rule | General SMCIRDA Information | Information |
| | General: Cpqarry2 Information | Sub Rule | General Cpqarry2 Information | Information |
| | General: G200 Information | Sub Rule | General G200 Information | Information |
| | General: Cpqcissm Information | Sub Rule | General Cpqcissm Information | Information |
| | General: Sym_U3 Information | Sub Rule | General Sym_U3 Information | Information |
| | General: IISLOG Information | Sub Rule | General IISLOG Information | Information |
| | General: IPXRouterManager Information | Sub Rule | General IPXRouterManager Information | Information |
| | General: MRxDAV Information | Sub Rule | General MRxDAV Information | Information |
| | General: Sndblst Information | Sub Rule | General Sndblst Information | Information |
| | General: Cdfs Information | Sub Rule | General Cdfs Information | Information |
| | General: Information | Sub Rule | MDAC Information | Information |
| | General: RSVP Information | Sub Rule | General RSVP Information | Information |
| | General: IPXSAP Information | Sub Rule | General IPXSAP Information | Information |
| | General: IAS Information | Sub Rule | General IAS Information | Information |
| | General: Wdvga_Detect Information | Sub Rule | General Wdvga_Detect Information | Information |
| | General: Ftdisk Information | Sub Rule | General Ftdisk Information | Information |
| | General: Sparrow Information | Sub Rule | General Sparrow Information | Information |
| | General: NetBT Information | Sub Rule | General NetBT Information | Information |
| | General: Wceusbsh Information | Sub Rule | General Wceusbsh Information | Information |
| | General: Scsiport Information | Sub Rule | General Scsiport Information | Information |
| | General: Dac2w2k Information | Sub Rule | General Dac2w2k Information | Information |
| | General: DistrLinkTrckngClnt Information | Sub Rule | General DistributedLinkTracking Client Information | Information |
| | General: UPS Information | Sub Rule | General UPS Information | Information |
| | General: NTMS Information | Sub Rule | General NTMS Information | Information |
| | General: BridgeMP Information | Sub Rule | General BridgeMP Information | Information |
| | General: Kbdclass Information | Sub Rule | General Kbdclass Information | Information |
| | General: Windows Script Host Information | Sub Rule | General Windows Script Host Information | Information |
| | General: Netlogon Information | Sub Rule | General Netlogon Information | Information |
| | General: Arp1394 Information | Sub Rule | General Arp1394 Information | Information |
| | General: System Error Information | Sub Rule | General System Error Information | Information |
| | General: Flashpnt Information | Sub Rule | General Flashpnt Information | Information |
| | General: NTFS Information | Sub Rule | General NTFS Information | Information |
| | General: FA312 Information | Sub Rule | General FA312 Information | Information |
| | General: LDM Information | Sub Rule | General LDM Information | Information |
| | General: Et4000_detect Information | Sub Rule | General Et4000_detect Information | Information |
| | General: WgaNotify Information | Sub Rule | General WgaNotify Information | Information |
| | General: Perc2 Information | Sub Rule | General Perc2 Information | Information |
| | General: VMnetDHCP Information | Sub Rule | General VMnetDHCP Information | Information |
| | General: Msadlib Information | Sub Rule | General Msadlib Information | Information |
| | General: OSPFMib Information | Sub Rule | General OSPFMib Information | Information |
| | General: 4mmdat Information | Sub Rule | General 4mmdat Information | Information |
| | General: Cryptsvc Information | Sub Rule | General Cryptsvc Information | Information |
| | General: Rdbss Information | Sub Rule | General Rdbss Information | Information |
| | General: Atmarpc Information | Sub Rule | General Atmarpc Information | Information |
| | General: Ini910u Information | Sub Rule | General Ini910u Information | Information |
| | General: Pelusblf Information | Sub Rule | General Pelusblf Information | Information |
| | General: Server Administrator Information | Sub Rule | General Server Administrator Information | Information |
| | General: P3 Information | Sub Rule | General P3 Information | Information |
| | General: Dpti2o Information | Sub Rule | General Dpti2o Information | Information |
| | General: WINS Information | Sub Rule | General WINS Information | Information |
| | General: Amdide Information | Sub Rule | General Amdide Information | Information |
| | General: Symc810 Information | Sub Rule | General Symc810 Information | Information |
| | General: Sfloppy Information | Sub Rule | General Sfloppy Information | Information |
| | General: Ami0nt Information | Sub Rule | General Ami0nt Information | Information |
| | General: Udfs Information | Sub Rule | General Udfs Information | Information |
| | General: NIC1394 Information | Sub Rule | General NIC1394 Information | Information |
| | General: Schedule Information | Sub Rule | General Schedule Information | Information |
| | General: Asc Information | Sub Rule | General Asc Information | Information |
| | General: I2omgmt Information | Sub Rule | General I2omgmt Information | Information |
| | General: VDS Dynamic Provider 1.0 Information | Sub Rule | General VDS Dynamic Provider 1.0 Information | Information |
| | General: NetDDE Information | Sub Rule | General NetDDE Information | Information |
| | General: Sym_Hi Information | Sub Rule | General Sym_Hi Information | Information |
| | General: Symc8xx Information | Sub Rule | General Symc8xx Information | Information |
| | General: ATI2mtag Information | Sub Rule | General ATI2mtag Information | Information |
| | General: Flpydisk Information | Sub Rule | General Flpydisk Information | Information |
| | General: W29n51 Information | Sub Rule | General W29n51 Information | Information |
| | General: Hpn Information | Sub Rule | General Hpn Information | Information |
| | General: Pciide Information | Sub Rule | General Pciide Information | Information |
| | General: SAVRT Information | Sub Rule | General SAVRT Information | Information |
| | General: TermServJet Information | Sub Rule | General TermServJet Information | Information |
| | General: WGA Information | Sub Rule | General WGA Information | Information |
| | General: Weitekp9_Detect Information | Sub Rule | General Weitekp9_Detect Information | Information |
| | General: Abp480n5 Information | Sub Rule | General Abp480n5 Information | Information |
| | General: ATI HotKey Poller Information | Sub Rule | General ATI HotKey Poller Information | Information |
| | General: PCI_HAL Information | Sub Rule | General PCI_HAL Information | Information |
| | General: Ipsraidn Information | Sub Rule | General Ipsraidn Information | Information |
| | General: VolSnap Information | Sub Rule | General VolSnap Information | Information |
| | General: ATI2mpad Information | Sub Rule | General ATI2mpad Information | Information |
| | General: QL1240 Information | Sub Rule | General QL1240 Information | Information |
| | General: IPSec Information | Sub Rule | General IPSec Information | Information |
| | General: Aliide Information | Sub Rule | General Aliide Information | Information |
| | General: WindowsMedia Information | Sub Rule | General WindowsMedia Information | Information |
| | General: QL10wnt Information | Sub Rule | General QL10wnt Information | Information |
| | General: Acpiec Information | Sub Rule | General Acpiec Information | Information |
| | General: Pcmcia Information | Sub Rule | General Pcmcia Information | Information |
| | General: VMnetAdapter Information | Sub Rule | General VMnetAdapter Information | Information |
| | General: Fips Information | Sub Rule | General Fips Information | Information |
| | General: SCardSvr Information | Sub Rule | General SCardSvr Information | Information |
| | General: TCPMon Information | Sub Rule | General TCPMon Information | Information |
| | General: PxHelp20 Information | Sub Rule | General PxHelp20 Information | Information |
| | General: IISWMI Information | Sub Rule | General IISWMI Information | Information |
| | General: Mup Information | Sub Rule | General Mup Information | Information |
| | General: ATI_Detect Information | Sub Rule | General ATI_Detect Information | Information |
| | General: Simbad Information | Sub Rule | General Simbad Information | Information |
| | General: D347bus Information | Sub Rule | General D347bus Information | Information |
| | General: QL1080 Information | Sub Rule | General QL1080 Information | Information |
| | General: SMTPSVC Information | Sub Rule | General SMTPSVC Information | Information |
| | General: AsyncMac Information | Sub Rule | General AsyncMac Information | Information |
| | General: IPNATHLP Information | Sub Rule | General IPNATHLP Information | Information |
| | General: Intelide Information | Sub Rule | General Intelide Information | Information |
| | General: Volume Shadow Copy Svc Task Information | Sub Rule | General Volume Shadow Copy Svc Task Information | Information |
| | General: WMConnectCDS Information | Sub Rule | General WMConnectCDS Information | Information |
| | General: Dellcerc Information | Sub Rule | General Dellcerc Information | Information |
| | General: DfsDriver Information | Sub Rule | General DfsDriver Information | Information |
| | General: Srv Information | Sub Rule | General Srv Information | Information |
| | General: SAM Information | Sub Rule | General SAM Information | Information |
| | General: LsaSrv Information | Sub Rule | General LsaSrv Information | Information |
| | General: WLBS Information | Sub Rule | General WLBS Information | Information |
| | General: Afcnt Information | Sub Rule | General Afcnt Information | Information |
| | General: Dmio Information | Sub Rule | General Dmio Information | Information |
| | General: Save Dump Information | Sub Rule | General Save Dump Information | Information |
| | General: IGMPv2 Information | Sub Rule | General IGMPv2 Information | Information |
| | General: Vsdatant Information | Sub Rule | General Vsdatant Information | Information |
| | General: PlugPlayManager Information | Sub Rule | General PlugPlayManager Information | Information |
| | General: Amsint Information | Sub Rule | General Amsint Information | Information |
| | General: BTHUSB Information | Sub Rule | General BTHUSB Information | Information |
| | General: RT2500 Information | Sub Rule | General RT2500 Information | Information |
| | General: QL1280 Information | Sub Rule | General QL1280 Information | Information |
| | General: Diskperf Information | Sub Rule | General Diskperf Information | Information |
| | General: Application Popup Information | Sub Rule | General Application Popup Information | Information |
| | General: RasAuto Information | Sub Rule | General RasAuto Information | Information |
| | General: Parallel Information | Sub Rule | General Parallel Information | Information |
| | General: AN983 Information | Sub Rule | General AN983 Information | Information |
| | General: TermDD Information | Sub Rule | General TermDD Information | Information |
| | General: Fs_rec Information | Sub Rule | General Fs_rec Information | Information |
| | General: DistrLinkTrckngSvr Information | Sub Rule | General DistributedLinkTracking Server Information | Information |
| | General: Lbrtfdc Information | Sub Rule | General Lbrtfdc Information | Information |
| | General: OSPF Information | Sub Rule | Router Dropping All OSPF Packets Due To Table Sync | Information |
| | General: IPXRIP Information | Sub Rule | General IPXRIP Information | Information |
| | General: Aic78xx Information | Sub Rule | General Aic78xx Information | Information |
| | General: Cmdide Information | Sub Rule | General Cmdide Information | Information |
| | General: QL2200 Information | Sub Rule | General QL2200 Information | Information |
| | General: Adpu160m Information | Sub Rule | General Adpu160m Information | Information |
| | General: QL2300 Information | Sub Rule | General QL2300 Information | Information |
| | General: WZCSVC Information | Sub Rule | General WZCSVC Information | Information |
| | General: Msfs Information | Sub Rule | General Msfs Information | Information |
| | General: E1000 Information | Sub Rule | General E1000 Information | Information |
| | General: SSDPSRV Information | Sub Rule | General SSDPSRV Information | Information |
| | General: Nfrd960 Information | Sub Rule | General Nfrd960 Information | Information |
| | General: Mouhid Information | Sub Rule | General Mouhid Information | Information |
| | General: Fd16_700 Information | Sub Rule | General Fd16_700 Information | Information |
| | General: Win32k Information | Sub Rule | General Win32k Information | Information |
| | General: Changer Information | Sub Rule | General Changer Information | Information |
| | General: IPRouterManager Information | Sub Rule | General IPRouterManager Information | Information |
| | General: Cpqfcalm Information | Sub Rule | General Cpqfcalm Information | Information |
| | General: Wd Information | Sub Rule | General Wd Information | Information |
| | General: Automatic Updates Information | Sub Rule | General Automatic Updates Information | Information |
| | General: Alerter Information | Sub Rule | General Alerter Information | Information |
| | General: MBSCRM_Hotfix Information | Sub Rule | General MBSCRM_Hotfix Information | Information |
| | General: Iirsp Information | Sub Rule | General Iirsp Information | Information |
| | General: Outlook Express 6 Information | Sub Rule | General Outlook Express 6 Information | Information |
| | General: Virtual Disk Service Information | Sub Rule | General Virtual Disk Service Information | Information |
| | General: VMnetuserif Information | Sub Rule | General VMnetuserif Information | Information |
| | General: PolicyAgent Information | Sub Rule | General Policy Agent Information | Information |
| | General: Cbidf2k Information | Sub Rule | General Cbidf2k Information | Information |
| | General: ShavlikPatchMgmt Information | Sub Rule | General ShavlikPatchMgmt Information | Information |
| | General: VMnetBridge Information | Sub Rule | General VMnetBridge Information | Information |
| | General: RasMan Information | Sub Rule | General RasMan Information | Information |
| | General: Setup Information | Sub Rule | General Setup Information | Information |
| | General: PptpMiniport Information | Sub Rule | General PptpMiniport Information | Information |
| | General: KDC Information | Sub Rule | General KDC Information | Information |
| | General: Hpt3xx Information | Sub Rule | General Hpt3xx Information | Information |
| | General: N100 Information | Sub Rule | General N100 Information | Information |
| | General: WinDefend Information | Sub Rule | General WinDefend Information | Information |
| | General: Toside Information | Sub Rule | General Toside Information | Information |
| | General: QL2100 Information | Sub Rule | General QL2100 Information | Information |
| | General: VMnetx Information | Sub Rule | General VMnetx Information | Information |
| | General: USER32 Information | Sub Rule | General USER32 Information | Information |
| | General: LmHosts Information | Sub Rule | General LmHosts Information | Information |
| | General: Mouclass Information | Sub Rule | General Mouclass Information | Information |
| | General: CDaudio Information | Sub Rule | General CDaudio Information | Information |
| | General: Cpqfws2e Information | Sub Rule | General Cpqfws2e Information | Information |
| | General: Symmpi Information | Sub Rule | General Symmpi Information | Information |
| | General: TermServDevices Information | Sub Rule | General TermServDevices Information | Information |
| | General: WinHttpAutoProxySvc Information | Sub Rule | General WinHttpAutoProxySvc Information | Information |
| | General: Dmboot Information | Sub Rule | General Dmboot Information | Information |
| | General: SynTP Information | Sub Rule | General SynTP Information | Information |
| | General: TCP/IP Information | Sub Rule | General TCP/IP Information | Information |
| | General: TDI Information | Sub Rule | General TDI Information | Information |
| | General: W3SVC Information | Sub Rule | General W3SVC Information | Information |
| | General: Ndis Information | Sub Rule | General Ndis Information | Information |
| | General: CD20xrnt Information | Sub Rule | General CD20xrnt Information | Information |
| | General: TermServSessDir Information | Sub Rule | General TermServSessDir Information | Information |
| | General: Cirrus_Detect Information | Sub Rule | General Cirrus_Detect Information | Information |
| | General: Aha154x Information | Sub Rule | General Aha154x Information | Information |
| | General: I2omp Information | Sub Rule | General I2omp Information | Information |
| | General: Viamrx64 Information | Sub Rule | General Viamrx64 Information | Information |
| | General: Ultra Information | Sub Rule | General Ultra Information | Information |
| | General: Atdisk Information | Sub Rule | General Atdisk Information | Information |
| | General: VMnet Information | Sub Rule | General VMnet Information | Information |
| | General: Kerberos Information | Sub Rule | General Kerberos Information | Information |
| | General: MSFTPSVC Information | Sub Rule | General MSFTPSVC Information | Information |
| | General: Asc3550 Information | Sub Rule | General Asc3550 Information | Information |
| | General: Schannel Information | Sub Rule | General Schannel Information | Information |
| | General: Parvdm Information | Sub Rule | General Parvdm Information | Information |
| | General: Adpu320 Information | Sub Rule | General Adpu320 Information | Information |
| | General: Aic78u2 Information | Sub Rule | General Aic78u2 Information | Information |
| | General: Netflx3 Information | Sub Rule | General Netflx3 Information | Information |
| | General: E1express Information | Sub Rule | General E1express Information | Information |
| | General: IPBOOTP Information | Sub Rule | General IPBOOTP Information | Information |
| | General: HTTP Information | Sub Rule | General HTTP Information | Information |
| | General: WmcCds Information | Sub Rule | General WmcCds Information | Information |
| | General: Cdm Information | Sub Rule | General Cdm Information | Information |
| | General: NetBIOS Information | Sub Rule | General NetBIOS Information | Information |
| | General: MrxSmb Information | Sub Rule | General MrxSmb Information | Information |
| | General: Isapnp Information | Sub Rule | General Isapnp Information | Information |
| | General: Sptd Information | Sub Rule | General Sptd Information | Information |
| | General: EFS Information | Sub Rule | General EFS Information | Information |
| | General: Ncrc710 Information | Sub Rule | General Ncrc710 Information | Information |
| | General: WMIxWDM Information | Sub Rule | General WMIxWDM Information | Information |
| | General: I8042prt Information | Sub Rule | General I8042prt Information | Information |
| | General: IPXCP Information | Sub Rule | General IPXCP Information | Information |
| | General: ATIrage Information | Sub Rule | General ATIrage Information | Information |
| | General: Modem Information | Sub Rule | General Modem Information | Information |
| | General: Dnscache Information | Sub Rule | General Dnscache Information | Information |
| | General: W32Time Information | Sub Rule | General W32Time Information | Information |
| | General: E100B Information | Sub Rule | General E100B Information | Information |
| | General: Yukonx64 Information | Sub Rule | General Yukonx64 Information | Information |
| | General: Cirrus Information | Sub Rule | General Cirrus Information | Information |
| | General: Disk Information | Sub Rule | General Disk Information | Information |
| | General: SR Information | Sub Rule | General SR Information | Information |
| | General: DP83815 Information | Sub Rule | General DP83815 Information | Information |
| | General: NdisWan Information | Sub Rule | General NdisWan Information | Information |
| | General: Nla Information | Sub Rule | General Nla Information | Information |
| | General: IPRIP2 Information | Sub Rule | General IPRIP2 Information | Information |
| | General: StillImage Information | Sub Rule | General StillImage Information | Information |
| | General: HCF_MSFT Information | Sub Rule | General HCF_MSFT Information | Information |
| | General: Dac960nt Information | Sub Rule | General Dac960nt Information | Information |
| | General: Dnsapi Information | Sub Rule | General Dnsapi Information | Information |
| | General: Cpqarray Information | Sub Rule | General Cpqarray Information | Information |
| | General: Windows Installer 3.1 Information | Sub Rule | General Windows Installer 3.1 Information | Information |
| | General: Deckzpsx Information | Sub Rule | General Deckzpsx Information | Information |
| | General: ATIrage3 Information | Sub Rule | General ATIrage3 Information | Information |
| | General: Clussvc Information | Sub Rule | General Clussvc Information | Information |
| | General: TermService Information | Sub Rule | General TermService Information | Information |
| | General: Wmi Information | Sub Rule | General Wmi Information | Information |
| | General: Parport Information | Sub Rule | General Parport Information | Information |
| | General: NV Information | Sub Rule | General NV Information | Information |
| | General: Srservice Information | Sub Rule | General Srservice Information | Information |
| | General: Server Information | Sub Rule | General Server Information | Information |
| | General: WAM Information | Sub Rule | General WAM Information | Information |
| | General: RemoteAccess Information | Sub Rule | General RemoteAccess Information | Information |
| | General: DCOM Information | Sub Rule | General DCOM Information | Information |
| | General: NtServicePack Information | Sub Rule | General NtServicePack Information | Information |
| | General: Partmgr Information | Sub Rule | General Partmgr Information | Information |
| | General: Windows File Protection Information | Sub Rule | General Windows File Protection Information | Information |
| | General: Wvlan48 Information | Sub Rule | General Wvlan48 Information | Information |
| | General: Basecsp Information | Sub Rule | General Basecsp Information | Information |
| | General: EL90X Information | Sub Rule | General EL90X Information | Information |
| | General: NaiFiltr Information | Sub Rule | General NaiFiltr Information | Information |
| | General: Redbook Information | Sub Rule | General Redbook Information | Information |
| | General: Workstation Information | Sub Rule | General Workstation Information | Information |
| | General: Internet Explorer 6 Information | Sub Rule | General Internet Explorer 6 Information | Information |
| | General: Processor Information | Sub Rule | General Processor Information | Information |
| | General: Fdc Information | Sub Rule | General Fdc Information | Information |
| | General: Wlrbt48 Information | Sub Rule | General Wlrbt48 Information | Information |
| | General: Mraid35x Information | Sub Rule | General Mraid35x Information | Information |
| | General: Cdrom Information | Sub Rule | General Cdrom Information | Information |
| | General: S3legacy_Detect Information | Sub Rule | General S3legacy_Detect Information | Information |
| | General: IIS Config Information | Sub Rule | General IIS Config Information | Information |
| | General: NNTPSVC Information | Sub Rule | General NNTPSVC Information | Information |
| | General: Cbidf Information | Sub Rule | General Cbidf Information | Information |
| | General: Fasttx2k Information | Sub Rule | General Fasttx2k Information | Information |
| | General: Lp6nds35 Information | Sub Rule | General Lp6nds35 Information | Information |
| | General: PCI Information | Sub Rule | General PCI Information | Information |
| | General: BTHPORT Information | Sub Rule | General BTHPORT Information | Information |
| | General: SNMPTRAP Information | Sub Rule | General SNMPTRAP Information | Information |
| | General: Viaide Information | Sub Rule | General Viaide Information | Information |
| | General: MGA_Detect Information | Sub Rule | General MGA_Detect Information | Information |
| | General: Buslogic Information | Sub Rule | General Buslogic Information | Information |
| | General: BITS Information | Sub Rule | General BITS Information | Information |
| | General: RMCAST Information | Sub Rule | General RMCAST Information | Information |
| | General: Asc3350p Information | Sub Rule | General Asc3350p Information | Information |
| | General: AmdK8 Information | Sub Rule | General AmdK8 Information | Information |
| | General: QV_Detect Information | Sub Rule | General QV_Detect Information | Information |
| | General: Rcvpn Information | Sub Rule | General Rcvpn Information | Information |
| | General: VgaSave Information | Sub Rule | General VgaSave Information | Information |
| | General: Serial Information | Sub Rule | General Serial Information | Information |
| | General: Removable Storage Service Information | Sub Rule | General Removable Storage Service Information | Information |
| | General: IISMAP Information | Sub Rule | General IISMAP Information | Information |
| | General: Kbdhid Information | Sub Rule | General Kbdhid Information | Information |
| | General: IPMGM Information | Sub Rule | General IPMGM Information | Information |
| | General: PSched Information | Sub Rule | General PSched Information | Information |
| | EVID 1037: DHCP Svc DB Cleanup Started | Sub Rule | Process/Service Started | Startup and Shutdown |
| | EVID 6005: Event Log Service Started | Sub Rule | Process/Service Started | Startup and Shutdown |
| | EVID 6006: Event Log Service Stopped | Sub Rule | Process/Service Stopped | Startup and Shutdown |
LogRhythm Default v2.0
N/A