Pattern 6 : SMTP Connection Messages | LogRhythm Documentation

Classification

Rule Name	Rule Type	common event	classification
Pattern 6 : SMTP Connection Messages	Base Rule	General Information	Information
Connection Established	Sub Rule	Connection Established	Network Traffic
Disconnected	Sub Rule	Connection Closed	Network Traffic
TLS Session Starting	Sub Rule	Connection Built	Network Traffic
TLS Session Started	Sub Rule	Connection Established	Network Traffic
Connection Lost	Sub Rule	Connection Failed	Network Traffic
Connection Lost During Data Transfer	Sub Rule	Connection Failed During Data Transfer	Warning
Connection Lost After Recipient Declared	Sub Rule	Connection Lost After Recipient Declared	Warning