Spam and Mail Log Messages

Vendor Documentation

Classification

| Rule Name | Rule Type | Classification | Common Event |
|---|---|---|---|
| Spam and Mail Log Messages | Base Rule | Ops/Information | Spam Messages |
| PID Not Found Messages | Sub Rule | Ops/Information | Process Does Not Exist |
| Case Ctl Running Messages | Sub Rule | Ops/Information | Running Process |
| Checking Directory Messages | Sub Rule | Ops/Information | Directory Check |
| Deprecation Warning Messages | Sub Rule | Ops/Information | Deprecation Announcement |
| High Latency Messages | Sub Rule | Ops/Information | Latency Activity |
| Launching with Arguments Messages | Sub Rule | Ops/Information | General Information |
| Processing Request Restarting Messages | Sub Rule | Ops/Information | Request Received |
| Root or Empty Directory Messages | Sub Rule | Ops/Information | Directory Information |
| Chmod Process Messages | Sub Rule | Ops/Information | Process Executing |
| Chmod Running Process Messages | Sub Rule | Ops/Information | Process Executing |
| SIGHUP to Cased Request Messages | Sub Rule | Ops/Information | Sending Request |
| SIGUP to Cased Request Messages | Sub Rule | Ops/Information | Sending Request |
| Cased Shut Down Messages | Sub Rule | Audit/Startup and Shutdown | Process/Service Startup Or Shutdown Activity |

Mapping with LogRhythm Schema

| Device Key in Log Message | LogRhythm Schema | Data Type | Schema Description |
|---|---|---|---|
| | <severity> | Text\String | |
| | <processid> | Text\String | |
| | <result> <tag1> | Text\String | |
| | <object> | Text\String | |