Skip to main content
Skip table of contents

Pattern 8 : Encryption Syslog

Vendor Documentation

https://www.cisco.com/c/en/us/td/docs/security/esa/esa11-1/user_guide/b_ESA_Admin_Guide_11_1/b_ESA_Admin_Guide_chapter_0100110.html

Classification

Rule NameRule TypeClassificationCommon Event
Pattern 8 : Encryption Syslog
Base RuleOps/InformationGeneral Encryption Information
Encryption Process StartingSub RuleAudit/Startup and ShutdownProcess/Service Starting
Encryption Status Request FinishedSub RuleOps/Information
Encryption Status Request Finished
Encryption Process EndingSub RuleOps/Information
Encryption Process Ending
Encryption Socket ClosingSub RuleOps/InformationEncryption Socket Closing
Encryption Envelope Accepted SocketSub RuleAudit/Authentication Success
Authentication Activity
Encryption Finished Building EnvelopeSub RuleOps/InformationEncryption Finished Building Envelope
Encryption Envelope Request StartingSub RuleAudit/Startup and ShutdownProcess/Service Starting
Encryption Status RequestedSub RuleOps/InformationEncryption Status Requested
Encryption Built Envelope SuccessSub RuleOps/InformationEncryption Built Envelope Success
Encryption Status FailedSub RuleOps/warningEncryption Status Failed

Mapping with LogRhythm Schema

Device Key in Log MessageLogRhythm SchemaData TypeSchema Description

<session>Number

<tag1>Text\String

<tag2>

Text\String


JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close