Classification
|
Rule Name |
Rule Type |
Common Event |
Classification |
|---|---|---|---|
|
Pattern 5 : Hostd Messages |
Base Rule |
General Information |
Information |
|
Hostd : Reboot |
Sub Rule |
System Restarted |
Startup and Shutdown |
|
Hostd : Mount State Values Have Changed |
Sub Rule |
Object Modified |
Access Success |
|
Hostd : This Product Has Expired |
Sub Rule |
License Expired |
Critical |
|
Hostd : Result |
Sub Rule |
Results Returned |
Information |
|
Hostd : Established A Connection |
Sub Rule |
Connection Established |
Network Traffic |
|
Hostd : Suspended |
Sub Rule |
System Suspended |
Error |
|
Hostd : Client Closed Connection |
Sub Rule |
Client Connection Closed |
Other Audit Success |
|
Hostd : Deprecated Pam_Stack Module Called |
Sub Rule |
Deprecated Pam_Stack Module Called |
Warning |
|
Hostd : Disconnect Check In Progress |
Sub Rule |
Disconnect Check In Progress |
Information |
|
Hostd : Environmentbrowser |
Sub Rule |
General Environmentbrowser Information |
Information |
|
Hostd : Timedasyncread Failed: Operation Timed Out |
Sub Rule |
Failed Operation |
Warning |
|
Hostd : Failed To Validate Vm Ip Address |
Sub Rule |
Failed Operation |
Warning |
|
Hostd : Fail To Snd Rsp To The Client: Broken Pipe |
Sub Rule |
Failed Operation |
Warning |
|
Hostd : Failed To Power On |
Sub Rule |
Failed Operation |
Warning |
|
Hostd : Failed To Find Activation Record |
Sub Rule |
Failed Operation |
Warning |
|
Hostd : Failed To Do Power Op |
Sub Rule |
Failed Operation |
Warning |
|
Hostd : Failed Operation |
Sub Rule |
Failed Operation |
Warning |
|
Hostd : Invoke Done |
Sub Rule |
Invoke Done |
Information |
|
Hostd : Mount Vm Completion For Vm |
Sub Rule |
Mount Vm Complete |
Information |
|
Hostd : Mount Vm Complete |
Sub Rule |
Mount Vm Complete |
Information |
|
Hostd : Mounting Virtual Machine Paths On Conn |
Sub Rule |
Mounting Virtual Machine Paths On Connection |
Information |
|
Hostd : Received A Dup Transition From Foundry |
Sub Rule |
Received A Duplicate Transition From Foundry |
Information |
|
Hostd : Remote End Sent Pid |
Sub Rule |
Remote End Sent Pid |
Information |
|
Hostd : Resumed |
Sub Rule |
System Resumed |
Other Audit Success |
|
Hostd : Socket |
Sub Rule |
General Socket Information |
Information |
|
Hostd : Ssl Handshake On Client Connection Failed |
Sub Rule |
Ssl Handshake On Client Connection Failure |
Warning |
|
Hostd : To Poweron With Option Soft |
Sub Rule |
Poweron With Option Soft |
Information |
|
Hostd : Unmounting Vm Complete |
Sub Rule |
Unmounting Virtual Machine |
Information |
|
Hostd : Unmounting The Vm: |
Sub Rule |
Unmounting Virtual Machine |
Information |
|
Hostd : User Logged Event: Remote Console On |
Sub Rule |
Console Connection |
Other Audit Success |
|
Hostd : User Logged Event |
Sub Rule |
General User Logged Event |
Information |
|
Hostd : Vmdb_Setcurrentpath Failed |
Sub Rule |
Set Current Path Failed |
Warning |
|
Hostd : Vmkernel_Forkexec |
Sub Rule |
Command Executed |
Access Success |
|
Hostd : Vmhs: Exec |
Sub Rule |
Command Executed |
Access Success |
|
Hostd : Vmodl.Fault.Requestcanceled |
Sub Rule |
Command Canceled |
Other Audit Success |
|
Hostd : Vmx Status Has Been Set For Vm |
Sub Rule |
Status For Virtual Machine Set |
Information |
|
Hostd : Open Successful |
Sub Rule |
Object Accessed |
Access Success |
|
Hostd : Reloading Config State |
Sub Rule |
Configuration Loaded : System |
Configuration |
Mapping with LogRhythm Schema
|
Device Key in Log Message |
LogRhythm Schema |
Data Type |
|---|---|---|
|
tag1 |
<tag1> |
Text/String |