Classification

| Rule Name | Rule Type | Classification | Common Event |
|---|---|---|---|
| PGP Cluster : Email-from-address Is Required | Sub Rule | Warning | Email Delivery User Unknown |
| PGP Cluster : Done Processing | Sub Rule | Information | Processing Notification |
| PGP Cluster : Receiving Scan Data | Sub Rule | Information | Scan Delivery |
| PGP Cluster : Scan Will Be Halted | Sub Rule | Information | Scan Duration Insufficient |
| PGP Cluster : Command Completed | Sub Rule | Access Success | Command Executed |
| PGP Cluster : Executing Command | Sub Rule | Access Success | Command Executed |
| PGP Cluster : SMS Is A Required Field | Sub Rule | Warning | General SMS Warning |
| PGP Cluster : Task Cant Be Executed On This Server | Sub Rule | Error | Error Starting Task |
| PGP Cluster : Task Ran | Sub Rule | Information | Task Status |
| PGP Cluster : Task Running | Sub Rule | Information | Task Status |
| PGP Cluster : Added Cluster Member | Sub Rule | Information | Cluster Operations |
| PGP Cluster : All Objects In Scan Message Present | Sub Rule | Information | General CLUSTER Message |
| PGP Cluster : HandleScanResponse | Sub Rule | Information | Validate Response |
| PGP Cluster : Non-DMZ Link | Sub Rule | Information | Interface Connected |
| Pattern 5 : PGP Cluster Messages | Base Rule | Information | General PGP Message |
| PGP Cluster : Rejecting Connection Request | Sub Rule | Network Deny | Traffic Denied by Host Firewall |

Mapping with LogRhythm Schema

| Device Key in Log Message | LogRhythm Schema | Data Type |
|---|---|---|
| LOC5 | <severity> | Text/String |
| N/A | <dname> | Text/String |
| N/A | <process> | Text/String |
| N/A | <processid> | Text/String |
| N/A | <object> | Text/String |
| N/A | <tag2> | Text/String |
| N/A | <tag3> | Text/String |
| N/A | <sip> | Number |
| N/A | <sport> | Number |
| N/A | <quantity> | Number |
| N/A | <packets> | Number |
| N/A | <duration> | Number |