Classification
|
Rule Name |
Rule Type |
Classification |
Common Event |
|---|---|---|---|
|
Systemd Messages |
Base Rule |
Information |
General System Information |
|
OpenSSH Failure |
Sub Rule |
Error |
Failed Process Start |
|
Unit Entered Failed State |
Sub Rule |
Warning |
General Host Warning |
|
Starting Session |
Sub Rule |
Network Traffic |
VPN Session Started |
|
Started Session |
Sub Rule |
Network Traffic |
VPN Session Started |
|
Started Hostname Service |
Sub Rule |
Information |
Service Started |
|
Started Network Manager Script Dispatcher Service |
Sub Rule |
Information |
Service Started |
Mapping with LogRhythm Schema
|
Device Key in Log Message |
LogRhythm Schema |
Data Type |
|---|---|---|
|
N/A |
<severity> |
Text/String |
|
unit |
<dname> |
Text/String |
|
N/A |
<parentprocessname> |
Text/String |
|
systemd |
<process> |
Text/String |
|
N/A |
<subject> |
Text/String |
|
N/A |
<tag2> |
Text/String |
|
N/A |
<tag1> |
Text/String |
|
N/A |
<login> |
Text/String |
|
N/A |
<result> |
Text/String |