Classification
|
Rule Name |
Rule Type |
Common Event |
Classification |
|
SVC Connection Information |
Base Rule |
General SVC Message |
Information |
|
ASA-5-722012 : Client Suspend Mode |
Sub Rule |
Set Client Inactive |
Information |
|
ASA-6-722022 : SVC Connection Established |
Sub Rule |
VPN Session Started |
Network Traffic |
|
ASA-6-722023 : SVC Connection Terminated |
Sub Rule |
Session Disconnected |
Other Audit Success |
|
ASA-5-722033 : Connection Established For Session |
Sub Rule |
VPN Session Started |
Network Traffic |
|
ASA-4-722041 : IPv6 Not Available For Connection |
Sub Rule |
IPv6 Send Message Failed |
Warning |
|
ASA-6-722020 : IP Address Not Available |
Sub Rule |
IPv6 Send Message Failed |
Warning |
Mapping with LogRhythm Schema
|
Device Key in Log Message |
LogRhythm Schema |
Data Type |
|
N/A |
<vmid> |
Number |
|
N/A |
<Severity> |
Number |
|
IP |
<sip> |
IP Address |
|
N/A |
<protname> |
Text/String |
|
User |
<login> |
Text/String |
|
N/A |
<subject> |
Text/String |
|
Group |
<group> |
Text/String |
|
N/A |
<object> |
Text/String |