Role/Group Operational Messages
Vendor Documentation
Classification
Rule Name | Rule Type | Classification | Common Event |
|---|---|---|---|
| Role/Group Operational Messages | Base Rule | Information | General Event Log Information |
| Admin: Role Created | Sub Rule | Account Created | Role Created |
| Admin: Added Admin Realm | Sub Rule | Access Success | Object Created |
| Admin: Group Added | Sub Rule | Access Success | Object Added |
| Admin: Role Modified | Sub Rule | Account Modified | Role Attribute Modified |
Mapping with LogRhythm Schema
| Device Key in Log Message | LogRhythm Schema | Data Type |
|---|---|---|
| N/A | <severity> | String |
| N/A | <sip> | IP Address |
| N/A | <login> | String |
| N/A | <group> | String |
| N/A | <vmid> | String |
| N/A | <tag1> | String |
| N/A | <tag2> | String |