Pattern 9 : Anti-Virus Logs

Vendor Documentation

Classification

| Rule Name | Rule Type | Classification | Common Event |
|---|---|---|---|
| Pattern 9 : Anti-Virus Logs | Base Rule | Security/Other | General Security |
| Checking For Virus Signature Update | Sub Rule | Ops/Information | Checking For Virus Signature Update |
| Virus Signature Update Not Needed | Sub Rule | Ops/Information | Virus Signature Update Not Needed |
| Anti-Virus Engine Update Not Needed | Sub Rule | Ops/Information | Anti-Virus Engine Update Not Needed |
| Anti-Virus Engine Started | Sub Rule | Ops/Information | Anti-Virus Engine Started |
| Anti-Virus Engine Reloaded | Sub Rule | Ops/Information | Anti-Virus Engine Reloaded |
| Message Virus Free | Sub Rule | Ops/Information | Message Virus Free |
| Virus Signatures Reloading | Sub Rule | Ops/Information | Virus Signatures Reloading |
| Anti-Virus Update Failed | Sub Rule | Ops/Error | Anti-Virus Update Failed |
| Error Transferring Anti-Virus Update | Sub Rule | Ops/Error | Error Transferring Anti-Virus Update |
| Virus Detected In Message | Sub Rule | Security/Failed Malware | Failed Virus Activity |
| Object Encrypted Messages | Sub Rule | Ops/Information | Encryption Information |
| Encrypted Object Messages | Sub Rule | Ops/Information | General Encryption Information |
| Virus Returning After Scan Messages | Sub Rule | Ops/Information | Antivirus Detection Negative |
| Virus Free Messages | Sub Rule | Ops/Information | Message Virus Free |

Mapping with LogRhythm Schema

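| Device Key in Log Message | LogRhythm Schema | Data Type | Schema Description |
|---|---|---|---|
| MID | `<session>` | Number | |
| | `<object>` | Text\String | |
| | `<objecttype>` | Text\String | |
| | `<subject>` | Text\String | |
| | `<url>` | Text\String | |
| | `<action>` | Text\String | |
| | `<result>` | | |
| | `<tag2>` | Text\String | |
| | `<tag1>` | Text\String | |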
