Pattern 9 : Login Logout
Classification
Rule Name | Rule Type | Common Event | Classification |
|---|---|---|---|
| Pattern 9 : Login Logout | Base Rule | General Information | Information |
| Ha--Eventmgr : User Logged In | Sub Rule | User Logon | Authentication Success |
| Ha--Eventmgr : User Logged Out | Sub Rule | User Logoff | Authentication Success |
Mapping with LogRhythm Schema
| Device Key in Log Message | LogRhythm Schema | Data Type |
|---|---|---|
| user | <login> | Text/String |
| sip | <sip> | IP Address |
| tag1 | <tag1> | Text/String |