Request Violations
Classification
Rule Name | Rule Type | Common Event | Classification |
|---|---|---|---|
| Request Violations | Base Rule | HTTP Request Failed | Error |
| Evasion Technique Detected | Sub Rule | General Attack Activity | Attack |
| Illegal HTTP Status In Response | Sub Rule | Illegal Status | Information |
| Illegal Parameter | Sub Rule | Parameter Error | Error |
| Illegal Query String Length | Sub Rule | Length Out Of Range | Warning |
| Illegal URL Length | Sub Rule | Length Out Of Range | Warning |
| Illegal URL | Sub Rule | Illegal URL | Error |
| Illegal URL : Illegal Parameter | Sub Rule | Parameter Error | Error |
| Illegal URL : Illegal File Type | Sub Rule | Parameter Error | Error |
| Attack Signature Detected | Sub Rule | Failed General Attack Activity | Failed Attack |
| Information Leakage Detected | Sub Rule | Data Leak Detected | Warning |
| Illegal Request, Length, URL, File Type | Sub Rule | Illegal State/Event Combination | Warning |
Mapping with LogRhythm Schema
Device Key in Log Message | LogRhythm Schema | Data Type |
|---|---|---|
| N/A | <severity> | Text/String |
| N/A | <sip> | IP Address |
| N/A | <sport> | Number |
| N/A | <dname> | Text\String |
| N/A | <dport> | Number |
| N/A | <dnatip> | Number |
| N/A | <protname> | Text\String |
| N/A | <session> | Number |
| N/A | <processid> | Number |
| N/A | <process> | Text/String |
| N/A | <object> | Text/String |
| N/A | <threatname> | Text/String |
| N/A | <useragent> | Text/String |
| N/A | <url> | Text/String |
| N/A | <command> | Text/String |
| N/A | <tag1> | Text/String |