Traffic Message

Vendor Documentation

https://www.websense.com/content/support/library/web/v85/siem/siem.pdf

Log Fields and Parsing

This section details the log fields available in this log message type, along with values parsed for both LogRhythm Default and LogRhythm Default v2.0 policies. A value of "N/A" (not applicable) means that there is no value parsed for a specified log field.

Log Field	LogRhythm Default	LogRhythm Default v2.0
Forcepoint	N/A	<vendorinfo>
productVersion	N/A	<version>
categoryNumber	<vmid>	N/A
Transaction	N/A	N/A
Severity	<severity>	<severity>
act	<tag1>, <command>	<action>
app	<protname>	<protname>
dvc	N/A	N/A
dst	<dip>	<dip>
dhost	<domainimpacted>, <dname>	<domainorigin>
dpt	<dport>	<dport>
src	<sip>	<sip>
spt	<sport>	<sport>
suser	<subject>, <group>	N/A
loginID	<login>	<login>
destinationTranslated Port	<domain>, <account>	<snatport>
rt	N/A	N/A
in	<bytesin>	<bytesin>
out	<bytesout>	<bytesout>
requestMethod	<process>	<command>
requestClientApplication	<useragent>	<useragent>
reason	<reason>,	<reason>
cs1Label	N/A	N/A
cs1	<object>	<policy>
cs2Label	N/A	N/A
cs2	N/A	N/A
cs3Label	N/A	N/A
cs3	<objectname>	<objecttype>
cn1Label	N/A	N/A
cn1	<responsecode>	<responsecode>
cn2Label	N/A	N/A
cn2	<seconds>	<milliseconds>
request	<url>	<url>
logRecordSource	N/A	N/A
fileName	N/A	<objectname>
fileTypeCode	N/A	<object>
categoryReasonCode	N/A	N/A
ccaResultAttr	N/A	<processid>
CloudAppID	N/A	N/A
CloudAppName	N/A	N/A
CloudAppRiskLevel	N/A	N/A
CloudAppType	N/A	N/A
ContentStripped	N/A	N/A
customerID	N/A	N/A
DSSexternalIncidentId	N/A	<threatid>
DSStimeStamp	N/A	N/A
keyword	N/A	N/A
networkDirection	N/A	N/A
protocolId	N/A	<protnum>
protocolVersion	N/A	N/A
proxysourceAddress	N/A	N/A
proxyStatusCode	N/A	N/A
refererURL	N/A	N/A
requestCount	N/A	<quantity>
roleID	N/A	N/A
serverStatusCode	N/A	N/A

Log Processing Settings

This section details log processing changes made from the LogRhythm Default policy to LogRhythm Default v2.0. In some cases, base rules are broken down into sub-rules to appropriately parse log message types by their event types.

LogRhythm Default

Regex ID	Rule Name	Rule Type	Common Event	Classification
1003198	Traffic Message	Base Rule	Network Traffic	Information
	Security Potentially Exploited Documents - Permit	Sub Rule	Data Compromised	Compromise
	Security Potentially Exploited Documents - Block	Sub Rule	Data Compromised	Compromise
	Security Advanced Malware Payloads - Permit	Sub Rule	Detected Malware Activity	Malware
	Security Advanced Mal Command And Control - Permit	Sub Rule	Detected Malware Activity	Malware
	Security Mobile Malware - Permit	Sub Rule	Detected Malware Activity	Malware
	Security Advanced Malware Payloads - Block	Sub Rule	Detected Malware Activity	Malware
	Security Advanced Mal Command And Control - Block	Sub Rule	Detected Malware Activity	Malware
	Security Mobile Malware - Block	Sub Rule	Detected Malware Activity	Malware
	Security Spyware - Permit	Sub Rule	Possible Spyware Activity	Malware
	Security Spyware - Block	Sub Rule	Possible Spyware Activity	Malware
	Security Keyloggers - Permit	Sub Rule	Possible Keylogger Activity	Malware
	Security Keyloggers - Block	Sub Rule	Possible Keylogger Activity	Malware
	Security Potentially Unwanted Software - Permit	Sub Rule	Suspicious Activity	Suspicious
	Security Potentially Unwanted Software - Block	Sub Rule	Suspicious Activity	Suspicious
	Social Web - Facebook Chat - Permit	Sub Rule	IM/Chat Activity	Misuse
	Internet Communication Web Chat - Permit	Sub Rule	IM/Chat Activity	Misuse
	Social Web - Facebook Facebook Games - Permit	Sub Rule	Game Activity	Misuse
	Games - Permit	Sub Rule	Game Activity	Misuse
	Social Web - YouTube - Permit	Sub Rule	Streaming Media	Misuse
	Social Web - YouTube YouTube Sharing - Permit	Sub Rule	Streaming Media	Misuse
	Social Web - YouTube Video Upload - Permit	Sub Rule	Streaming Media	Misuse
	Information Technology Proxy Avoidance - Permit	Sub Rule	Unauthorized Proxy Activity	Misuse
	Social Web - Various WordPress Commenting - Permit	Sub Rule	Social Media Activity	Misuse
	Social Web - Various WordPress Posting - Permit	Sub Rule	Social Media Activity	Misuse
	Social Web - Various Craigslist Posting - Permit	Sub Rule	Social Media Activity	Misuse
	Social Web - Various - Permit	Sub Rule	Social Media Activity	Misuse
	Social Web - LinkedIn - Permit	Sub Rule	Social Media Activity	Misuse
	Social Web - Twitter - Permit	Sub Rule	Social Media Activity	Misuse
	Social Web - LinkedIn Jobs - Permit	Sub Rule	Social Media Activity	Misuse
	Social Web - LinkedIn Connections - Permit	Sub Rule	Social Media Activity	Misuse
	Social Web - LinkedIn Updates - Permit	Sub Rule	Social Media Activity	Misuse
	Social Web - Facebook - Permit	Sub Rule	Social Media Activity	Misuse
	Social Web - YouTube Commenting - Permit	Sub Rule	Social Media Activity	Misuse
	Social Web - Facebook Events - Permit	Sub Rule	Social Media Activity	Misuse
	Social Web - Facebook Photo Upload - Permit	Sub Rule	Social Media Activity	Misuse
	Social Web - Facebook Friends - Permit	Sub Rule	Social Media Activity	Misuse
	Social Web - Facebook Commenting - Permit	Sub Rule	Social Media Activity	Misuse
	Social Web - Facebook Posting - Permit	Sub Rule	Social Media Activity	Misuse
	Social Web - Twitter Follow - Permit	Sub Rule	Social Media Activity	Misuse
	Social Web - Twitter Posting - Permit	Sub Rule	Social Media Activity	Misuse
	Social Web - Facebook Groups - Permit	Sub Rule	Social Media Activity	Misuse
	Social Web - Facebook Video Upload - Permit	Sub Rule	Social Media Activity	Misuse
	Social Web - Facebook Questions - Permit	Sub Rule	Social Media Activity	Misuse
	Social Web - Facebook Apps - Permit	Sub Rule	Social Media Activity	Misuse
	Gambling - Permit	Sub Rule	Online Gambling	Misuse
	Social Web - Twitter Mail - Permit	Sub Rule	Unauthorized E-mail	Misuse
	Social Web - Facebook Mail - Permit	Sub Rule	Unauthorized E-mail	Misuse
	Social Web - LinkedIn Mail - Permit	Sub Rule	Unauthorized E-mail	Misuse
	Internet Communication General Email - Permit	Sub Rule	Unauthorized E-mail	Misuse
	Non-HTTP - Permit	Sub Rule	Unauthorized Activity	Misuse
	Adult Material Lingerie And Swimsuit - Permit	Sub Rule	Adult Content	Misuse
	Adult Material Sex Education - Permit	Sub Rule	Adult Content	Misuse
	Adult Material Sex - Permit	Sub Rule	Adult Content	Misuse
	Adult Material Adult Content - Permit	Sub Rule	Adult Content	Misuse
	Adult Material Nudity - Permit	Sub Rule	Adult Content	Misuse
	Adult Material - Permit	Sub Rule	Adult Content	Misuse
	Social Web - Facebook Chat - Block	Sub Rule	Failed IM/Chat Activity	Failed Misuse
	Social Web - Facebook Apps - Block	Sub Rule	Failed Unauthorized Program/Process	Failed Misuse
	Security Custom-Encrypted Uploads - Block	Sub Rule	Failed Unauthorized Program/Process	Failed Misuse
	IT Unauthorized Mobile Marketplaces - Block	Sub Rule	Failed Unauthorized Program/Process	Failed Misuse
	Extended Protection Dynamic DNS - Block	Sub Rule	Failed Unauthorized Program/Process	Failed Misuse
	Social Web - Facebook Facebook Games - Block	Sub Rule	Failed Game Activity	Failed Misuse
	Games - Block	Sub Rule	Failed Game Activity	Failed Misuse
Social Web - YouTube - Block	Sub Rule	Failed Streaming Media	Failed Misuse
Social Web - YouTube YouTube Sharing - Block	Sub Rule	Failed Streaming Media	Failed Misuse
Social Web - Facebook Video Upload - Block	Sub Rule	Failed Streaming Media	Failed Misuse
Social Web - YouTube Video Upload - Block	Sub Rule	Failed Streaming Media	Failed Misuse
Bandwidth Viral Video - Block	Sub Rule	Failed Streaming Media	Failed Misuse
Bandwidth Entertainment Video - Block	Sub Rule	Failed Streaming Media	Failed Misuse
Bandwidth Educational Video - Block	Sub Rule	Failed Streaming Media	Failed Misuse
Bandwidth Surveillance - Block	Sub Rule	Failed Streaming Media	Failed Misuse
Non-HTTP - Block	Sub Rule	Failed Social Media Activity	Failed Misuse
Social Web - Various WordPress Commenting - Block	Sub Rule	Failed Social Media Activity	Failed Misuse
Social Web - Various WordPress Posting- Block	Sub Rule	Failed Social Media Activity	Failed Misuse
Social Web - Various Craigslist Posting - Block	Sub Rule	Failed Social Media Activity	Failed Misuse
Social Web - Various - Block	Sub Rule	Failed Social Media Activity	Failed Misuse
Social Web - LinkedIn - Block	Sub Rule	Failed Social Media Activity	Failed Misuse
Social Web - LinkedIn Jobs - Block	Sub Rule	Failed Social Media Activity	Failed Misuse
Social Web - LinkedIn Connections - Block	Sub Rule	Failed Social Media Activity	Failed Misuse
Social Web - LinkedIn Updates - Block	Sub Rule	Failed Social Media Activity	Failed Misuse
Social Web - Facebook - Block	Sub Rule	Failed Social Media Activity	Failed Misuse
Social Web - YouTube Commenting- Block	Sub Rule	Failed Social Media Activity	Failed Misuse
Social Web - Facebook Events- Block	Sub Rule	Failed Social Media Activity	Failed Misuse
Social Web - Facebook Photo Upload - Block	Sub Rule	Failed Social Media Activity	Failed Misuse
Social Web - Facebook Friends - Block	Sub Rule	Failed Social Media Activity	Failed Misuse
Social Web - Facebook Commenting - Block	Sub Rule	Failed Social Media Activity	Failed Misuse
Social Web - Facebook Posting - Block	Sub Rule	Failed Social Media Activity	Failed Misuse
Social Web - Twitter - Block	Sub Rule	Failed Social Media Activity	Failed Misuse
Social Web - Twitter Follow - Block	Sub Rule	Failed Social Media Activity	Failed Misuse
Social Web - Twitter Mail - Block	Sub Rule	Failed Social Media Activity	Failed Misuse
Social Web - Twitter Posting - Block	Sub Rule	Failed Social Media Activity	Failed Misuse
Social Web - Facebook Groups - Block	Sub Rule	Failed Social Media Activity	Failed Misuse
Social Web - Facebook Questions - Block	Sub Rule	Failed Social Media Activity	Failed Misuse
URL Blocked	Sub Rule	Failed Unauthorized Website	Failed Misuse
Society & Lifestyles Blogs & Personal Sites - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Business And Economy Hosted Business Apps - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Parked Domain - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Information Technology Web Collaboration - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Information Technology Web And Email Spam - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Education - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Business And Economy - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Adult Material - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Information Technology - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Special Events - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Society And Lifestyles - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Religion - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
News And Media - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Government - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Shopping - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Job Search - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Illegal Or Questionable - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Entertainment - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Advocacy Groups - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Abortion - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Weapons - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Violence - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Vehicles - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Travel - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Tasteless - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Sports - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Productivity Advertisements - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
IT URL Translation Sites - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Health - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Racism And Hate - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Militancy And Extremist - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Drugs - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Government Political Organizations - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Government Military - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Entertainment MP3 And Audio Dnld Services - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Education Cultural Institutions - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Business & Economy Financial Data & Services -Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
User-Defined - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Information Technology Hacking - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Internet Communication Web Chat - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Information Technology Web Hosting - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
IT Search Engines & Portals -Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Information Technology Proxy Avoidance - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Internet Communication General Email - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Society And Lifestyles Personals And Dating - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Society & Lifestyles LGBT Interest - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Society & Lifestyles Restaurants & Dining - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Religion Traditional Religions - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Religion NonTrad Religion/Occult/Folklore - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
News And Media Alternative Journals - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Abortion Pro-Choice - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Internet Communication - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Drugs Abused Drugs - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Drugs Supplements And Unregulated Compounds - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Drugs Prescribed Medications - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Society And Lifestyles Alcohol And Tobacco - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Productivity Freeware And Software Download - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Productivity Instant Messaging - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Education Educational Institutions - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Productivity Online Brokerage And Trading - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Adult Material Sex Education - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Abortion Pro-Life - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Bandwidth Internet Telephony - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Sport Sport Hunting And Gun Clubs - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Society And Lifestyles Hobbies - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Shopping Real Estate - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Shopping Internet Auctions - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Productivity Pay-to-Surf - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Bandwidth Internet Radio And TV - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Bandwidth Personal Network Storage & Backup - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Productivity Message Boards And Forums - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Drugs Marijuana - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Productivity - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Bandwidth Streaming Media - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Social Organizations - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Education Reference Materials - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Education Educational Materials - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Society And Lifestyles Social Networking - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Bandwidth - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Bandwidth Peer-to-Peer File Sharing- Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Miscellaneous Image Servers- Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Miscellaneous Images (Media)- Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Information Technology Computer Security - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Social Org Professional & Worker Org - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Social Org Social & Affiliation Organization - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Social Org Service & Philanthropic Org - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Internet Com Text And Media Messaging - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Internet Communication Organizational Email - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Miscellaneous File Download Servers - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Miscellaneous Uncategorized - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Miscellaneous Dynamic Content - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Miscellaneous Content Delivery Networks - Block	Sub Rule	Failed Unauthorized Website	Failed Misuse
Gambling - Block	Sub Rule	Failed Online Gambling	Failed Misuse
Social Web - Facebook Mail - Block	Sub Rule	Failed Unauthorized E-mail	Failed Misuse
Social Web - LinkedIn Mail - Block	Sub Rule	Failed Unauthorized E-mail	Failed Misuse
Miscellaneous Network Errors - Block	Sub Rule	Failed Unauthorized Activity	Failed Misuse
Miscellaneous Private IP Addresses - Block	Sub Rule	Failed Unauthorized Activity	Failed Misuse
Security - Block	Sub Rule	Failed Unauthorized Activity	Failed Misuse
Adult Material Lingerie And Swimsuit - Block	Sub Rule	Failed Adult Content	Failed Misuse
Adult Material Sex - Block	Sub Rule	Failed Adult Content	Failed Misuse
Adult Material Adult Content - Block	Sub Rule	Failed Adult Content	Failed Misuse
Adult Material Nudity - Block	Sub Rule	Failed Adult Content	Failed Misuse
Security Files Containing Passwords - Permit	Sub Rule	General Attack Activity	Attack
Security Suspicious Embedded Link - Permit	Sub Rule	General Attack Activity	Attack
Security Malicious Embedded IFrame - Permit	Sub Rule	General Attack Activity	Attack
Security Malicious Embedded Link - Permit	Sub Rule	General Attack Activity	Attack
Extend Protection Potentially Damage Contnt - Permit	Sub Rule	General Attack Activity	Attack
Extended Protection Emerging Exploits - Permit	Sub Rule	General Attack Activity	Attack
Security Bot Networks - Block	Sub Rule	General Attack Activity	Attack
Security Malicious Web Sites - Block	Sub Rule	General Attack Activity	Attack
Security Malicious Embedded IFrame - Block	Sub Rule	General Attack Activity	Attack
Security Malicious Embedded Link - Block	Sub Rule	General Attack Activity	Attack
Extend Protection Potentially Damage Content - Block	Sub Rule	General Attack Activity	Attack
Extended Protection Emerging Exploits - Block	Sub Rule	General Attack Activity	Attack
Extended Protection Elevated Exposure - Block	Sub Rule	General Attack Activity	Attack
Extended Protection - Block	Sub Rule	General Attack Activity	Attack
Extended Protection Elevated Exposure - Permit	Sub Rule	General Attack Activity	Attack
Extended Protection - Permit	Sub Rule	General Attack Activity	Attack
Security Bot Networks - Permit	Sub Rule	General Attack Activity	Attack
Security Malicious Web Sites - Permit	Sub Rule	General Attack Activity	Attack
Security Files Containing Passwords - Block	Sub Rule	General Attack Activity	Attack
Security Suspicious Embedded Link - Block	Sub Rule	General Attack Activity	Attack
Security Phishing And Other Frauds - Permit	Sub Rule	Phishing Activity	Attack
Security Phishing And Other Frauds - Block	Sub Rule	Phishing Activity	Attack
URL Permitted	Sub Rule	Traffic Allowed by Proxy	Network Allow
Security Custom-Encrypted Uploads - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
IT Unauthorized Mobile Marketplaces - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Extended Protection Dynamic DNS - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Bandwidth Viral Video - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Bandwidth Entertainment Video - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Government - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Education - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Business And Economy - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Abortion - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Information Technology - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Special Events - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Society And Lifestyles - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Religion - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
News And Media - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Sports - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Shopping - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Job Search - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Illegal Or Questionable - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Entertainment - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Advocacy Groups - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Drugs - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Weapons - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Violence - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Vehicles - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Travel - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Tasteless - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
User-Defined - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Productivity Advertisements - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
IT URL Translation Sites - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Health - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Racism And Hate - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Militancy And Extremist - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
IT Search Engines & Portals - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Government Political Organizations - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Government Military - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Entertainment MP3 And Audio Dnld Services - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Education Cultural Institutions - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Business & Economy Financial Data & Service - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Society & Lifestyles Restaurants & Dining - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Religion Traditional Religions - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Religion NonTrad Religion/Occult/Folklore - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
News And Media Alternative Journals - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Information Technology Hacking - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Information Technology Web Hosting - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Drugs Abused Drugs - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Drugs Supplements & Unregulated Compounds - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Drugs Prescribed Medications - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Society And Lifestyles Alcohol And Tobacco - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Society & Lifestyles Personals & Dating - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Society & Lifestyles LGBT Interest - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Productivity Instant Messaging - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Education Educational Institutions - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Productivity Online Brokerage And Trading - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Abortion Pro-Life - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Abortion Pro-Choice - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Internet Communication - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Sport Sport Hunting And Gun Clubs - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Society And Lifestyles Hobbies - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Shopping Real Estate - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Shopping Internet Auctions - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Productivity Pay-to-Surf - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Productivity Freeware And Software Dnld - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Bandwidth Personal Network Storage & Backup - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Productivity Message Boards And Forums - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Drugs Marijuana - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Productivity - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Bandwidth Streaming Media - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Bandwidth Internet Telephony - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Education Reference Materials - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Education Educational Materials - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Society And Lifestyles Social Networking - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Bandwidth - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Bandwidth Peer-to-Peer File Sharing - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Bandwidth Internet Radio And TV - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Information Technology Computer Security - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Security - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Social Org Professional & Worker Org - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Social Org Social &Affiliation Organization - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Social Org Service & Philanthropic Org - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Social Organizations - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Miscellaneous Dynamic Content - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Miscellaneous Content Delivery Networks - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Miscellaneous Private IP Addresses - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Miscellaneous Image Servers - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Miscellaneous Images (Media) - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Miscellaneous - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Information Technology Web And Email Spam - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Internet Com Text And Media Messaging - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Internet Com Organizational Email - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Miscellaneous File Download Servers - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Miscellaneous Uncategorized - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Miscellaneous Network Errors - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Bandwidth Educational Video - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Bandwidth Surveillance - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Society & Lifestyles Blogs & Personal Sites - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Business And Economy Hosted Business Apps - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Parked Domain - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Information Technology Web Collaboration - Permit	Sub Rule	Traffic Allowed by Proxy	Network Allow
Miscellaneous - Block	Sub Rule	Traffic Denied by IDS/IPS	Network Deny

LogRhythm Default v2.0

Regex ID	Rule Name	Rule Type	Common Event	Classification
1012561	V 2.0 : Forcepoint Secure Web Gateway Event	Base Rule	Gateway Message	Information