SDR : Consolidated Sender Reputation Messages
Vendor Documentation
Classification
| Rule Name | Rule Type | Classification | Common Event |
|---|---|---|---|
| SDR : Consolidated Sender Reputation Messages | Base Rule | Ops/Warning | General AlertEmail Warning |
| Suspicious Email Activity | Sub Rule | Security/Suspicious | Suspicious E-mail Activity |
Mapping with LogRhythm Schema
| Device Key in Log Message | LogRhythm Schema | Data Type | Schema Description |
|---|---|---|---|
| | <severity> | Text\String | |
| | <domain> | Text\String | |
| | <group> | Text\String | |
| | <sender> | Text\String | |
| | <session> | Number | |