SFIMS : Catch All Level 1

Classification

| Rule Name | Rule Type | Common Event | Classification |
|---|---|---|---|
| SFIMS : Catch All Level 1 | Base Rule | Network Traffic | Network Traffic |
| SFIMS : dcerpc2 Messages | Sub Rule | Network Traffic | Network Traffic |
| SFIMS : http_inspect Messages | Sub Rule | Network Traffic | Network Traffic |
| SFIMS : ppm Messages | Sub Rule | Network Traffic | Network Traffic |

Mapping with LogRhythm Schema

| Device Key in Log Message | LogRhythm Schema | Data Type |
|---|---|---|
| NA | <process> | Number/Text |
| NA | <subject> | Text/String |
| NA | <object> | Text/String |
| NA | <dname> | Number/Text |
| NA | <objectname> | Text/String |
| NA | <severity> | Number/Text |
| NA | <protname> | Number/Text |
| NA | <sip> | IP Address |
| NA | <sport> | Number |
| NA | <dip> | IP Address |
| NA | <dport> | Number |