Policy Violation Messages

https://documentation.securonix.com/bundle/securonix-cloud-user-guide/page/content/active-deployment-guides/akamai-guardicore-centra.htm

https://docs.cyderes.cloud/parser-knowledge-base/guardicore_centra/#product-event-types

Policy Violation Messages

Base Rule

Security Policy Violation

Warning

Device Key in Log Message

LogRhythm Schema

Data Type

Schema Description

N/A

N/A

N/A

Common Event Format identifier: Default or unspecified severity level (can be replaced with specific severity levels such as 1-10).

N/A

N/A

N/A

Vendor or organization name.

N/A

N/A

N/A

Product or service name generating the event.

N/A

<version>

Number

Version number.

N/A

<vmid>

Text/String

N/A

N/A

<vendorinfo>

Text/String

Description

N/A

<severity>

Text/String

Severity level of the event.

start

N/A

N/A

N/A

dvc

<dip>

IP Address

N/A

dvchost

<dname>

Text/String

N/A

act

<action>

Text/String

N/A

cs1Label

N/A

N/A

N/A

cs1

<object>

Text/String

N/A

cs2Label

N/A

N/A

N/A

cs2

<url>

Text/String

N/A

cs3Label

N/A

N/A

N/A

cs3

<policy>

Text/String

N/A

cs4Label

N/A

N/A

N/A

cs4

N/A

N/A

N/A

cs5Label

N/A

N/A

N/A

cs5

N/A

N/A

N/A

cs6Label

N/A

N/A

N/A

cs6

<threatid>

Text/String

N/A