Role/Group Operational Messages
Vendor Documentation
Classification
Rule Name | Rule Type | Classification | Common Event |
---|---|---|---|
Role/Group Operational Messages | Base Rule | Information | General Event Log Information |
Admin: Role Created | Sub Rule | Account Created | Role Created |
Admin: Added Admin Realm | Sub Rule | Access Success | Object Created |
Admin: Group Added | Sub Rule | Access Success | Object Added |
Admin: Role Modified | Sub Rule | Account Modified | Role Attribute Modified |
Mapping with LogRhythm Schema
Device Key in Log Message | LogRhythm Schema | Data Type |
---|---|---|
N/A | <severity> | String |
N/A | <sip> | IP Address |
N/A | <login> | String |
N/A | <group> | String |
N/A | <vmid> | String |
N/A | <tag1> | String |
N/A | <tag2> | String |