Classification

| Rule Name | Rule Type | Classification | Common Event |
|---|---|---|---|
| PGP Admin : Email From Address Is A Required Field | Sub Rule | Warning | Email Delivery User Unknown |
| PGP Admin : SMS Is A Required Field | Sub Rule | Warning | General SMS Warning |
| PGP Admin : Test LDAP Connection Succeed | Sub Rule | Information | Performing LDAP Connectivity Tests |
| PGP Admin : Using Passphrase Login Successfully | Sub Rule | Authentication Success | User Logon |
| PGP Admin : Failed Login Attempt | Sub Rule | Authentication Failure | User Logon Failure |
| PGP Admin : Initiated Service Restart | Sub Rule | Startup and Shutdown | Process/Service Restarting |
| PGP Admin : Changed External Syslog Configuration | Sub Rule | Configuration | Configuration Modified : System |
| Pattern 4 : PGP Admin Messages | Base Rule | Information | General PGP Message |

Mapping with LogRhythm Schema

| Device Key in Log Message | LogRhythm Schema | Data Type |
|---|---|---|
| LOC5 | <severity> | Text/String |
| N/A | <dname> | Text/String |
| N/A | <process> | Text/String |
| N/A | <processid> | Number |
| N/A | <object> | Text/String |
| N/A | <tag1> | Text/String |
| N/A | <tag2> | Text/String |
| N/A | <tag3> | Text/String |
| N/A | <sip> | Number |
| N/A | <sname> | Text/String |
| N/A | <sport> | Number |
| N/A | <login> | Text/String |