Skip to main content
Skip table of contents

Syslog - LogRhythm NetMon V 2.0 : General Diagnostics Event

Vendor Documentation

Classification

Rule Name

Rule Type

Common Event

Classification

V 2.0: General Diagnostics Event

Base Rule

LogRhythm Diagnostics Event

Other Operations

V 2.0: NOT SET Messages

Sub Rule

LogRhythm Diagnostics Event

Other Operations

V 2.0: SERVICE START Messages

Sub Rule

Service Started

Information

V 2.0: SERVICE TERMINATE Messages

Sub Rule

Process/Service Stopped

Startup and Shutdown

V 2.0: ELASTIC SEARCH HEALTH Messages

Sub Rule

LogRhythm Diagnostics Event

Other Operations

V 2.0: DRIVE 50 PERCENT Messages

Sub Rule

LogRhythm Diagnostics Event

Other Operations

V 2.0: DRIVE 90 PERCENT Messages

Sub Rule

LogRhythm Diagnostics Event

Other Operations

V 2.0: SEARCH Messages

Sub Rule

LogRhythm Diagnostics Event

Other Operations

V 2.0: AUTHENTICATION SUCCESS Messages

Sub Rule

General Authentication Information

Information

V 2.0: AUTHENTICATION FAILURE Messages

Sub Rule

General Authentication Information

Information

V 2.0: LOGOUT Messages

Sub Rule

Logout Request

Information

V 2.0: EXPIRED SESSION Messages

Sub Rule

Session Message

Information

V 2.0: NM CONFIG CHANGE Messages

Sub Rule

Configuration Information

Information

V 2.0: SECURITY CONFIG CHANGE Messages

Sub Rule

Configuration Information

Information

V 2.0: PASSWORD CHANGE Messages

Sub Rule

Performing Password Change

Information

V 2.0: USER CREATED Messages

Sub Rule

User Account Created

Account Created

V 2.0: USER SETTING CHANGED Messages

Sub Rule

Object Modified

Access Success

V 2.0: FILE RECONSTRUCTION Messages

Sub Rule

LogRhythm Diagnostics Event

Other Operations

V 2.0: PCAP RECONSTRUCTION Messages

Sub Rule

LogRhythm Diagnostics Event

Other Operations

V 2.0: USER DELETED Messages

Sub Rule

User Account Deleted

Account Deleted

V 2.0: RESTART SERVICES Messages

Sub Rule

Process/Service Restarting

Startup and Shutdown

V 2.0: SHUTDOWN Messages

Sub Rule

System Shutdown

Startup and Shutdown

V 2.0: REBOOT Messages

Sub Rule

Process/Service Restarting

Startup and Shutdown

V 2.0: LICENSE CHANGE Messages

Sub Rule

LogRhythm Diagnostics Event

Other Operations

V 2.0: NM UPGRADE Messages

Sub Rule

LogRhythm Diagnostics Event

Other Operations

V 2.0: DPA RULE ADDED Messages

Sub Rule

Object Added

Access Success

V 2.0: DPA RULE ENABLED Messages

Sub Rule

Object Modified

Access Success

V 2.0: DPA RULE DISABLED Messages

Sub Rule

Object Modified

Access Success

V 2.0: DPA RULE MODIFIED Messages

Sub Rule

Object Modified

Access Success

V 2.0: DPA RULE UPLOADED Messages

Sub Rule

Object Modified

Access Success

V 2.0: DPA RULE DELETED Messages

Sub Rule

Object Deleted/Removed

Access Success

V 2.0: NM UPGRADE FAILURE Messages

Sub Rule

Object Update Failed

Error

V 2.0: NM UPGRADE SUCCES Messages

Sub Rule

Object Modified

Access Success

V 2.0: FILE DOWNLOADED Messages

Sub Rule

LogRhythm Diagnostics Event

Other Operations

V 2.0: FILE UPLOADED Messages

Sub Rule

LogRhythm Diagnostics Event

Other Operations

V 2.0: DPA RULES RELOADED Messages

Sub Rule

LogRhythm Diagnostics Event

Other Operations

Mapping with LogRhythm Schema

Device Key in Log Message

LogRhythm Schema

Data Type

Schema Description

N/A

<severity>

Text/String

N/A

N/A

N/A

N/A

N/A

N/A

N/A

N/A

N/A

N/A

N/A

N/A

N/A

N/A

N/A

N/A

N/A

N/A

N/A

N/A

N/A

CODE

<vmid>
<tag1>

Number

N/A

SEVERITY

<severity>

Text/String

N/A

SERVICENAME

<objectname>

Text/String

N/A

EVENT

<process>

Text/String

N/A

USER

<login>

Text/String

N/A

IP

<sip>

Ip Address

N/A

MESSAGE

<subject>

Text/String

N/A

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.