Systemd Messages
Classification
Rule Name | Rule Type | Classification | Common Event |
|---|---|---|---|
| Systemd Messages | Base Rule | Information | General System Information |
| OpenSSH Failure | Sub Rule | Error | Failed Process Start |
| Unit Entered Failed State | Sub Rule | Warning | General Host Warning |
| Starting Session | Sub Rule | Network Traffic | VPN Session Started |
| Started Session | Sub Rule | Network Traffic | VPN Session Started |
| Started Hostname Service | Sub Rule | Information | Service Started |
| Started Network Manager Script Dispatcher Service | Sub Rule | Information | Service Started |
Mapping with LogRhythm Schema
Device Key in Log Message | LogRhythm Schema | Data Type |
|---|---|---|
| N/A | <severity> | Text/String |
| unit | <dname> | Text/String |
| N/A | <parentprocessname> | Text/String |
| systemd | <process> | Text/String |
| N/A | <subject> | Text/String |
| N/A | <tag2> | Text/String |
| N/A | <tag1> | Text/String |
| N/A | <login> | Text/String |
| N/A | <result> | Text/String |