Restricted Shell Configuration
Classification
| RuleName | RuleType | CommonEvent | Classification |
| Chroot Configuration Failure | Sub Rule | Failed Configuration | Other Audit Failure |
| Log Facility Set | Sub Rule | Log Collector Set | Information |
| Restricted Shell Configuration | Base Rule | Configuration Modified : System | Configuration |
| Umask Set | Sub Rule | Configuration Modified : Security | Configuration |
| Chroot Set For All Users | Sub Rule | Configuration Modified : Security | Configuration |
| SFTP Allowed | Sub Rule | Configuration Enabled : Security | Configuration |
Mapping with LogRhythm Schema
| Device Key in Log Message | LogRhythm Schema | Data Type |
| N/A | <object> | Text\String |
| N/A | <group> | Text\String |
| N/A | <tag1> | Text\String |