Classification
|
Rule Name |
Rule Type |
Common Event |
Classification |
|
Pattern 9 : PIX Traffic |
Base Rule |
General Firewall Log |
Network Traffic |
|
PIX-4-403109 : Received Spoofed Packet |
Sub Rule |
Spoofing Activity |
Attack |
|
PIX-4-402103 : Unencaps IPSEC Pkt NDM Negt ID |
Sub Rule |
IPSec Identity Does not Match Negotiated Identity |
Warning |
|
PIX-4-402106 : Rx Packet Not an IPSEC Packet |
Sub Rule |
Rec'd Packet Not an IPSEC Packet |
Warning |
|
PIX-6-110001 : No Route to Address |
Sub Rule |
No Route Between Hosts |
Information |
|
PIX-6-602101 : PMTU-D Packet Bytes Exceeded |
Sub Rule |
PMTU-D Packet Greater Than Effective MTU |
Warning |
Mapping with LogRhythm Schema
|
Device Key in Log Message |
LogRhythm Schema |
Data Type |
|
N/A |
<vmid> |
Number |
|
N/A |
<sip> |
Number |
|
N/A |
<dip> |
Number |
|
N/A |
<sport> |
Number |
|
N/A |
<dport> |
Number |
|
N/A |
<protname> |
Text/String |