Classification
| RuleName | RuleType | CommonEvent | Classification |
|---|---|---|---|
| Chroot Configuration Failure | Sub Rule | Failed Configuration | Other Audit Failure |
| Log Facility Set | Sub Rule | Log Collector Set | Information |
| Restricted Shell Configuration | Base Rule | Configuration Modified : System | Configuration |
| Umask Set | Sub Rule | Configuration Modified : Security | Configuration |
| Chroot Set For All Users | Sub Rule | Configuration Modified : Security | Configuration |
| SFTP Allowed | Sub Rule | Configuration Enabled : Security | Configuration |

Mapping with LogRhythm Schema
| Device Key in Log Message | LogRhythm Schema | Data Type |
|---|---|---|
| N/A | <object> | Text\String |
| N/A | <group> | Text\String |
| N/A | <tag1> | Text\String |