Vendor Documentation
Classification
|
Rule Name |
Rule Type |
Classification |
Common Event |
|---|---|---|---|
|
Role/Group Operational Messages |
Base Rule |
Information |
General Event Log Information |
|
Admin: Role Created |
Sub Rule |
Account Created |
Role Created |
|
Admin: Added Admin Realm |
Sub Rule |
Access Success |
Object Created |
|
Admin: Group Added |
Sub Rule |
Access Success |
Object Added |
|
Admin: Role Modified |
Sub Rule |
Account Modified |
Role Attribute Modified |
Mapping with LogRhythm Schema
|
Device Key in Log Message |
LogRhythm Schema |
Data Type |
|---|---|---|
|
N/A |
<severity> |
String |
|
N/A |
<sip> |
IP Address |
|
N/A |
<login> |
String |
|
N/A |
<group> |
String |
|
N/A |
<vmid> |
String |
|
N/A |
<tag1> |
String |
|
N/A |
<tag2> |
String |