Vendor Documentation
Log Fields and Parsing
This section details the log fields available in this log message type, along with values parsed for both LogRhythm Default and LogRhythm Default v2.0 policies. A value of "N/A" (not applicable) means that there is no value parsed for a specified log field.
|
Log Field |
LogRhythm Default |
LogRhythm Default v2.0 |
|---|---|---|
|
Forcepoint |
N/A |
<vendorinfo> |
|
productVersion |
N/A |
<version> |
|
categoryNumber |
<vmid> |
N/A |
|
Transaction |
N/A |
N/A |
|
Severity |
<severity> |
<severity> |
|
act |
<tag1>, <command> |
<action> |
|
app |
<protname> |
<protname> |
|
dvc |
N/A |
N/A |
|
dst |
<dip> |
<dip> |
|
dhost |
<domainimpacted>, <dname> |
<domainorigin> |
|
dpt |
<dport> |
<dport> |
|
src |
<sip> |
<sip> |
|
spt |
<sport> |
<sport> |
|
suser |
<subject>, <group> |
<login> |
|
loginID |
<login> |
<login> |
|
destinationTranslated Port |
<domain>, <account> |
<snatport> |
|
rt |
N/A |
N/A |
|
in |
<bytesin> |
<bytesin> |
|
out |
<bytesout> |
<bytesout> |
|
requestMethod |
<process> |
<command> |
|
requestClientApplication |
<useragent> |
<useragent> |
|
reason |
<reason>, |
<reason> |
|
cs1Label |
N/A |
N/A |
|
cs1 |
<object> |
<policy> |
|
cs2Label |
N/A |
N/A |
|
cs2 |
N/A |
N/A |
|
cs3Label |
N/A |
N/A |
|
cs3 |
<objectname> |
<objecttype> |
|
cn1Label |
N/A |
N/A |
|
cn1 |
<responsecode> |
<responsecode> |
|
cn2Label |
N/A |
N/A |
|
cn2 |
<seconds> |
<milliseconds> |
|
request |
<url> |
<url> |
|
logRecordSource |
N/A |
N/A |
|
fileName |
N/A |
<objectname> |
|
fileTypeCode |
N/A |
<object> |
|
categoryReasonCode |
N/A |
N/A |
|
ccaResultAttr |
N/A |
<processid> |
|
CloudAppID |
N/A |
N/A |
|
CloudAppName |
N/A |
N/A |
|
CloudAppRiskLevel |
N/A |
N/A |
|
CloudAppType |
N/A |
N/A |
|
ContentStripped |
N/A |
N/A |
|
customerID |
N/A |
N/A |
|
DSSexternalIncidentId |
N/A |
<threatid> |
|
DSStimeStamp |
N/A |
N/A |
|
keyword |
N/A |
N/A |
|
networkDirection |
N/A |
N/A |
|
protocolId |
N/A |
<protnum> |
|
protocolVersion |
N/A |
N/A |
|
proxysourceAddress |
N/A |
N/A |
|
proxyStatusCode |
N/A |
N/A |
|
refererURL |
N/A |
N/A |
|
requestCount |
N/A |
<quantity> |
|
roleID |
N/A |
N/A |
|
serverStatusCode |
N/A |
N/A |
Log Processing Settings
This section details log processing changes made from the LogRhythm Default policy to LogRhythm Default v2.0. In some cases, base rules are broken down into sub-rules to appropriately parse log message types by their event types.
LogRhythm Default
|
Regex ID |
Rule Name |
Rule Type |
Common Event |
Classification |
|---|---|---|---|---|
|
1003198
|
Traffic Message |
Base Rule |
Network Traffic |
Network Traffic |
|
URL Blocked |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
URL Permitted |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Non-HTTP - Permit |
Sub Rule |
Unauthorized Activity |
Misuse |
|
|
Social Web - Various WordPress Commenting- Permit |
Sub Rule |
Social Media Activity |
Misuse |
|
|
Social Web - Various WordPress Posting- Permit |
Sub Rule |
Social Media Activity |
Misuse |
|
|
Social Web - Various Craigslist Posting- Permit |
Sub Rule |
Social Media Activity |
Misuse |
|
|
Social Web - Various - Permit |
Sub Rule |
Social Media Activity |
Misuse |
|
|
Social Web - LinkedIn - Permit |
Sub Rule |
Social Media Activity |
Misuse |
|
|
Social Web - Twitter - Permit |
Sub Rule |
Social Media Activity |
Misuse |
|
|
Social Web - YouTube - Permit |
Sub Rule |
Streaming Media |
Misuse |
|
|
Social Web - Facebook Facebook Games- Permit |
Sub Rule |
Game Activity |
Misuse |
|
|
Social Web - YouTube YouTube Sharing- Permit |
Sub Rule |
Streaming Media |
Misuse |
|
|
Social Web - Twitter Follow- Permit |
Sub Rule |
Social Media Activity |
Misuse |
|
|
Social Web - Twitter Mail- Permit |
Sub Rule |
Unauthorized E-mail |
Misuse |
|
|
Social Web - Twitter Posting- Permit |
Sub Rule |
Social Media Activity |
Misuse |
|
|
Social Web - Facebook Groups- Permit |
Sub Rule |
Social Media Activity |
Misuse |
|
|
Social Web - Facebook Video Upload- Permit |
Sub Rule |
Social Media Activity |
Misuse |
|
|
Social Web - Facebook Questions- Permit |
Sub Rule |
Social Media Activity |
Misuse |
|
|
Social Web - Facebook Chat- Permit |
Sub Rule |
IM/Chat Activity |
Misuse |
|
|
Social Web - Facebook Apps- Permit |
Sub Rule |
Social Media Activity |
Misuse |
|
|
Social Web - YouTube Video Upload- Permit |
Sub Rule |
Streaming Media |
Misuse |
|
|
Social Web - YouTube Commenting- Permit |
Sub Rule |
Social Media Activity |
Misuse |
|
|
Social Web - Facebook Events- Permit |
Sub Rule |
Social Media Activity |
Misuse |
|
|
Social Web - Facebook Mail- Permit |
Sub Rule |
Unauthorized E-mail |
Misuse |
|
|
Social Web - Facebook Photo Upload- Permit |
Sub Rule |
Social Media Activity |
Misuse |
|
|
Social Web - Facebook Friends- Permit |
Sub Rule |
Social Media Activity |
Misuse |
|
|
Social Web - Facebook Commenting- Permit |
Sub Rule |
Social Media Activity |
Misuse |
|
|
Social Web - Facebook Posting- Permit |
Sub Rule |
Social Media Activity |
Misuse |
|
|
Social Web - LinkedIn Jobs- Permit |
Sub Rule |
Social Media Activity |
Misuse |
|
|
Social Web - LinkedIn Connections- Permit |
Sub Rule |
Social Media Activity |
Misuse |
|
|
Social Web - LinkedIn Mail- Permit |
Sub Rule |
Unauthorized E-mail |
Misuse |
|
|
Social Web - LinkedIn Updates- Permit |
Sub Rule |
Social Media Activity |
Misuse |
|
|
Social Web - Facebook - Permit |
Sub Rule |
Social Media Activity |
Misuse |
|
|
Security Advanced Malware Payloads- Permit |
Sub Rule |
Detected Malware Activity |
Malware |
|
|
Security Advanced Mal Command And Control- Permit |
Sub Rule |
Detected Malware Activity |
Malware |
|
|
Security Files Containing Passwords- Permit |
Sub Rule |
General Attack Activity |
Attack |
|
|
Security Custom-Encrypted Uploads- Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
IT Unauthorized Mobile Marketplaces- Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Security Mobile Malware- Permit |
Sub Rule |
Detected Malware Activity |
Malware |
|
|
Security Potentially Exploited Documents- Permit |
Sub Rule |
Data Compromised |
Compromise |
|
|
Extended Protection Dynamic DNS- Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Bandwidth Viral Video- Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Bandwidth Entertainment Video- Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Bandwidth Educational Video- Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Bandwidth Surveillance- Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Security Suspicious Embedded Link- Permit |
Sub Rule |
General Attack Activity |
Attack |
|
|
Security Malicious Embedded IFrame- Permit |
Sub Rule |
General Attack Activity |
Attack |
|
|
Security Malicious Embedded Link- Permit |
Sub Rule |
General Attack Activity |
Attack |
|
|
Society & Lifestyles Blogs & Personal Sites-Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Business And Economy Hosted Business Apps- Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Parked Domain - Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Information Technology Web Collaboration- Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Information Technology Web And Email Spam- Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Internet Com Text And Media Messaging- Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Internet Com Organizational Email- Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Extend Protection Potentially Damage Contnt-Permit |
Sub Rule |
General Attack Activity |
Attack |
|
|
Extended Protection Emerging Exploits- Permit |
Sub Rule |
General Attack Activity |
Attack |
|
|
Extended Protection Elevated Exposure- Permit |
Sub Rule |
General Attack Activity |
Attack |
|
|
Extended Protection - Permit |
Sub Rule |
General Attack Activity |
Attack |
|
|
Security Bot Networks- Permit |
Sub Rule |
General Attack Activity |
Attack |
|
|
Security Potentially Unwanted Software- Permit |
Sub Rule |
Suspicious Activity |
Suspicious |
|
|
Security Keyloggers- Permit |
Sub Rule |
Possible Keylogger Activity |
Malware |
|
|
Security Phishing And Other Frauds- Permit |
Sub Rule |
Phishing Activity |
Attack |
|
|
Miscellaneous File Download Servers- Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Security Spyware- Permit |
Sub Rule |
Possible Spyware Activity |
Malware |
|
|
Miscellaneous Uncategorized- Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Miscellaneous Network Errors- Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Miscellaneous Dynamic Content- Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Miscellaneous Content Delivery Networks- Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Miscellaneous Private IP Addresses- Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Miscellaneous Image Servers- Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Miscellaneous Images (Media)- Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Miscellaneous - Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Information Technology Computer Security- Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Security Malicious Web Sites- Permit |
Sub Rule |
General Attack Activity |
Attack |
|
|
Security - Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Social Org Professional & Worker Org - Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Social Org Social &Affiliation Organization-Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Social Org Service & Philanthropic Org - Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Social Organizations - Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Education Reference Materials- Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Education Educational Materials- Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Society And Lifestyles Social Networking- Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Bandwidth - Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Bandwidth Peer-to-Peer File Sharing- Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Bandwidth Internet Radio And TV- Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Bandwidth Personal Network Storage & Backup-Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Productivity Message Boards And Forums- Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Drugs Marijuana- Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Productivity - Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Bandwidth Streaming Media- Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Bandwidth Internet Telephony- Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Sport Sport Hunting And Gun Clubs- Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Society And Lifestyles Hobbies- Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Shopping Real Estate- Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Shopping Internet Auctions- Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Productivity Pay-to-Surf- Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Productivity Freeware And Software Dnld- Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Productivity Instant Messaging- Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Education Educational Institutions- Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Productivity Online Brokerage And Trading- Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Adult Material Lingerie And Swimsuit- Permit |
Sub Rule |
Adult Content |
Misuse |
|
|
Adult Material Sex Education- Permit |
Sub Rule |
Adult Content |
Misuse |
|
|
Abortion Pro-Life- Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Abortion Pro-Choice- Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Internet Communication - Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Drugs Abused Drugs- Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Drugs Supplements & Unregulated Compounds- Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Drugs Prescribed Medications- Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Society And Lifestyles Alcohol And Tobacco- Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Society & Lifestyles Personals & Dating- Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Society & Lifestyles LGBT Interest-Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Society & Lifestyles Restaurants & Dining- Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Religion Traditional Religions- Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Religion NonTrad Religion/Occult/Folklore-Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
News And Media Alternative Journals- Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Information Technology Hacking- Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Internet Communication Web Chat- Permit |
Sub Rule |
IM/Chat Activity |
Misuse |
|
|
Information Technology Web Hosting- Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
IT Search Engines & Portals-Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Information Technology Proxy Avoidance- Permit |
Sub Rule |
Unauthorized Proxy Activity |
Misuse |
|
|
Internet Communication General Email- Permit |
Sub Rule |
Unauthorized E-mail |
Misuse |
|
|
Government Political Organizations- Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Government Military- Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Entertainment MP3 And Audio Dnld Services- Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Education Cultural Institutions- Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Business & Economy Financial Data & Service-Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Adult Material Sex- Permit |
Sub Rule |
Adult Content |
Misuse |
|
|
Adult Material Adult Content- Permit |
Sub Rule |
Adult Content |
Misuse |
|
|
Adult Material Nudity- Permit |
Sub Rule |
Adult Content |
Misuse |
|
|
User-Defined - Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Productivity Advertisements- Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
IT URL Translation Sites- Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Health - Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Racism And Hate - Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Militancy And Extremist - Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Drugs - Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Weapons - Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Violence - Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Vehicles - Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Travel - Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Tasteless - Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Sports - Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Shopping - Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Job Search - Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Illegal Or Questionable - Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Games - Permit |
Sub Rule |
Game Activity |
Misuse |
|
|
Gambling - Permit |
Sub Rule |
Online Gambling |
Misuse |
|
|
Entertainment - Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Advocacy Groups - Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Abortion - Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Information Technology - Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Special Events - Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Society And Lifestyles - Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Religion - Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
News And Media - Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Government - Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Education - Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Business And Economy - Permit |
Sub Rule |
Traffic Allowed by Proxy |
Network Allow |
|
|
Adult Material - Permit |
Sub Rule |
Adult Content |
Misuse |
|
|
Non-HTTP - Block |
Sub Rule |
Failed Social Media Activity |
Failed Misuse |
|
|
Social Web - Various WordPress Commenting- Block |
Sub Rule |
Failed Social Media Activity |
Failed Misuse |
|
|
Social Web - Various WordPress Posting- Block |
Sub Rule |
Failed Social Media Activity |
Failed Misuse |
|
|
Social Web - Various Craigslist Posting- Block |
Sub Rule |
Failed Social Media Activity |
Failed Misuse |
|
|
Social Web - Various - Block |
Sub Rule |
Failed Social Media Activity |
Failed Misuse |
|
|
Social Web - LinkedIn - Block |
Sub Rule |
Failed Social Media Activity |
Failed Misuse |
|
|
Social Web - Twitter - Block |
Sub Rule |
Failed Social Media Activity |
Failed Misuse |
|
|
Social Web - YouTube - Block |
Sub Rule |
Failed Streaming Media |
Failed Misuse |
|
|
Social Web - Facebook Facebook Games- Block |
Sub Rule |
Failed Game Activity |
Failed Misuse |
|
|
Social Web - YouTube YouTube Sharing- Block |
Sub Rule |
Failed Streaming Media |
Failed Misuse |
|
|
Social Web - Twitter Follow- Block |
Sub Rule |
Failed Social Media Activity |
Failed Misuse |
|
|
Social Web - Twitter Mail- Block |
Sub Rule |
Failed Social Media Activity |
Failed Misuse |
|
|
Social Web - Twitter Posting- Block |
Sub Rule |
Failed Social Media Activity |
Failed Misuse |
|
|
Social Web - Facebook Groups- Block |
Sub Rule |
Failed Social Media Activity |
Failed Misuse |
|
|
Social Web - Facebook Video Upload- Block |
Sub Rule |
Failed Streaming Media |
Failed Misuse |
|
|
Social Web - Facebook Questions- Block |
Sub Rule |
Failed Social Media Activity |
Failed Misuse |
|
|
Social Web - Facebook Chat- Block |
Sub Rule |
Failed IM/Chat Activity |
Failed Misuse |
|
|
Social Web - Facebook Apps- Block |
Sub Rule |
Failed Unauthorized Program/Process |
Failed Misuse |
|
|
Social Web - YouTube Video Upload- Block |
Sub Rule |
Failed Streaming Media |
Failed Misuse |
|
|
Social Web - YouTube Commenting- Block |
Sub Rule |
Failed Social Media Activity |
Failed Misuse |
|
|
Social Web - Facebook Events- Block |
Sub Rule |
Failed Social Media Activity |
Failed Misuse |
|
|
Social Web - Facebook Mail- Block |
Sub Rule |
Failed Unauthorized E-mail |
Failed Misuse |
|
|
Social Web - Facebook Photo Upload- Block |
Sub Rule |
Failed Social Media Activity |
Failed Misuse |
|
|
Social Web - Facebook Friends- Block |
Sub Rule |
Failed Social Media Activity |
Failed Misuse |
|
|
Social Web - Facebook Commenting- Block |
Sub Rule |
Failed Social Media Activity |
Failed Misuse |
|
|
Social Web - Facebook Posting- Block |
Sub Rule |
Failed Social Media Activity |
Failed Misuse |
|
|
Social Web - LinkedIn Jobs- Block |
Sub Rule |
Failed Social Media Activity |
Failed Misuse |
|
|
Social Web - LinkedIn Connections- Block |
Sub Rule |
Failed Social Media Activity |
Failed Misuse |
|
|
Social Web - LinkedIn Mail- Block |
Sub Rule |
Failed Unauthorized E-mail |
Failed Misuse |
|
|
Social Web - LinkedIn Updates- Block |
Sub Rule |
Failed Social Media Activity |
Failed Misuse |
|
|
Social Web - Facebook - Block |
Sub Rule |
Failed Social Media Activity |
Failed Misuse |
|
|
Security Advanced Malware Payloads- Block |
Sub Rule |
Detected Malware Activity |
Malware |
|
|
Security Advanced Mal Command And Control- Block |
Sub Rule |
Detected Malware Activity |
Malware |
|
|
Security Files Containing Passwords- Block |
Sub Rule |
General Attack Activity |
Attack |
|
|
Security Custom-Encrypted Uploads- Block |
Sub Rule |
Failed Unauthorized Program/Process |
Failed Misuse |
|
|
IT Unauthorized Mobile Marketplaces- Block |
Sub Rule |
Failed Unauthorized Program/Process |
Failed Misuse |
|
|
Security Mobile Malware- Block |
Sub Rule |
Detected Malware Activity |
Malware |
|
|
Security Potentially Exploited Documents- Block |
Sub Rule |
Data Compromised |
Compromise |
|
|
Extended Protection Dynamic DNS- Block |
Sub Rule |
Failed Unauthorized Program/Process |
Failed Misuse |
|
|
Bandwidth Viral Video- Block |
Sub Rule |
Failed Streaming Media |
Failed Misuse |
|
|
Bandwidth Entertainment Video- Block |
Sub Rule |
Failed Streaming Media |
Failed Misuse |
|
|
Bandwidth Educational Video- Block |
Sub Rule |
Failed Streaming Media |
Failed Misuse |
|
|
Bandwidth Surveillance- Block |
Sub Rule |
Failed Streaming Media |
Failed Misuse |
|
|
Security Suspicious Embedded Link- Block |
Sub Rule |
General Attack Activity |
Attack |
|
|
Security Malicious Embedded IFrame- Block |
Sub Rule |
General Attack Activity |
Attack |
|
|
Security Malicious Embedded Link- Block |
Sub Rule |
General Attack Activity |
Attack |
|
|
Society & Lifestyles Blogs & Personal Sites- Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Business And Economy Hosted Business Apps- Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Parked Domain - Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Information Technology Web Collaboration- Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Information Technology Web And Email Spam- Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Internet Com Text And Media Messaging- Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Internet Communication Organizational Email- Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Extend Protection Potentially Damage Content-Block |
Sub Rule |
General Attack Activity |
Attack |
|
|
Extended Protection Emerging Exploits- Block |
Sub Rule |
General Attack Activity |
Attack |
|
|
Extended Protection Elevated Exposure- Block |
Sub Rule |
General Attack Activity |
Attack |
|
|
Extended Protection - Block |
Sub Rule |
General Attack Activity |
Attack |
|
|
Security Bot Networks- Block |
Sub Rule |
General Attack Activity |
Attack |
|
|
Security Potentially Unwanted Software- Block |
Sub Rule |
Suspicious Activity |
Suspicious |
|
|
Security Keyloggers- Block |
Sub Rule |
Possible Keylogger Activity |
Malware |
|
|
Security Phishing And Other Frauds- Block |
Sub Rule |
Phishing Activity |
Attack |
|
|
Miscellaneous File Download Servers- Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Security Spyware- Block |
Sub Rule |
Possible Spyware Activity |
Malware |
|
|
Miscellaneous Uncategorized- Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Miscellaneous Network Errors- Block |
Sub Rule |
Failed Unauthorized Activity |
Failed Misuse |
|
|
Miscellaneous Dynamic Content- Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Miscellaneous Content Delivery Networks- Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Miscellaneous Private IP Addresses- Block |
Sub Rule |
Failed Unauthorized Activity |
Failed Misuse |
|
|
Miscellaneous Image Servers- Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Miscellaneous Images (Media)- Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Miscellaneous - Block |
Sub Rule |
Traffic Denied by IDS/IPS |
Network Deny |
|
|
Information Technology Computer Security- Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Security Malicious Web Sites- Block |
Sub Rule |
General Attack Activity |
Attack |
|
|
Security - Block |
Sub Rule |
Failed Unauthorized Activity |
Failed Misuse |
|
|
Social Org Professional & Worker Org - Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Social Org Social & Affiliation Organization-Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Social Org Service & Philanthropic Org - Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Social Organizations - Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Education Reference Materials- Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Education Educational Materials- Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Society And Lifestyles Social Networking- Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Bandwidth - Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Bandwidth Peer-to-Peer File Sharing- Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Bandwidth Internet Radio And TV- Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Bandwidth Personal Network Storage & Backup- Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Productivity Message Boards And Forums- Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Drugs Marijuana- Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Productivity - Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Bandwidth Streaming Media- Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Bandwidth Internet Telephony- Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Sport Sport Hunting And Gun Clubs- Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Society And Lifestyles Hobbies- Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Shopping Real Estate- Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Shopping Internet Auctions- Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Productivity Pay-to-Surf- Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Productivity Freeware And Software Download- Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Productivity Instant Messaging- Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Education Educational Institutions- Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Productivity Online Brokerage And Trading- Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Adult Material Lingerie And Swimsuit- Block |
Sub Rule |
Failed Adult Content |
Failed Misuse |
|
|
Adult Material Sex Education- Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Abortion Pro-Life- Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Abortion Pro-Choice- Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Internet Communication - Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Drugs Abused Drugs- Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Drugs Supplements And Unregulated Compounds- Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Drugs Prescribed Medications- Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Society And Lifestyles Alcohol And Tobacco- Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Society And Lifestyles Personals And Dating- Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Society & Lifestyles LGBT Interest-Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Society & Lifestyles Restaurants & Dining- Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Religion Traditional Religions- Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Religion NonTrad Religion/Occult/Folklore-Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
News And Media Alternative Journals- Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Information Technology Hacking- Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Internet Communication Web Chat- Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Information Technology Web Hosting- Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
IT Search Engines & Portals-Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Information Technology Proxy Avoidance- Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Internet Communication General Email- Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Government Political Organizations- Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Government Military- Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Entertainment MP3 And Audio Dnld Services- Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Education Cultural Institutions- Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Business & Economy Financial Data & Services-Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Adult Material Sex- Block |
Sub Rule |
Failed Adult Content |
Failed Misuse |
|
|
Adult Material Adult Content- Block |
Sub Rule |
Failed Adult Content |
Failed Misuse |
|
|
Adult Material Nudity- Block |
Sub Rule |
Failed Adult Content |
Failed Misuse |
|
|
User-Defined - Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Productivity Advertisements- Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
IT URL Translation Sites- Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Health - Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Racism And Hate - Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Militancy And Extremist - Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Drugs - Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Weapons - Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Violence - Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Vehicles - Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Travel - Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Tasteless - Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Sports - Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Shopping - Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Job Search - Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Illegal Or Questionable - Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Games - Block |
Sub Rule |
Failed Game Activity |
Failed Misuse |
|
|
Gambling - Block |
Sub Rule |
Failed Online Gambling |
Failed Misuse |
|
|
Entertainment - Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Advocacy Groups - Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Abortion - Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Information Technology - Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Special Events - Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Society And Lifestyles - Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Religion - Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
News And Media - Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Government - Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Education - Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Business And Economy - Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Adult Material - Block |
Sub Rule |
Failed Unauthorized Website |
Failed Misuse |
|
|
Security - Compromised Websites - Block |
Sub Rule |
Web Activity Blocked |
Failed Activity |
|
|
Security - Compromised Websites - Permit |
Sub Rule |
Network Compromised |
Compromise |
|
|
Extended Protection - Newly Reg. Websites - Block |
Sub Rule |
Web Activity Blocked |
Failed Activity |
|
|
Extended Protection - Newly Reg. Websites - Permit |
Sub Rule |
Web Activity Allowed |
Activity |
|
|
Collaboration - Office - Block |
Sub Rule |
Application Blocked |
Failed Activity |
|
|
Collaboration - Office - Permit |
Sub Rule |
General Traffic Allowed Information |
Information |
|
|
Collaboration - Office - Mail - Block |
Sub Rule |
Application Blocked |
Failed Activity |
|
|
Collaboration - Office - Mail - Permit |
Sub Rule |
General Traffic Allowed Information |
Information |
|
|
Collaboration - Office - Drive - Block |
Sub Rule |
Application Blocked |
Failed Activity |
|
|
Collaboration - Office - Drive - Permit |
Sub Rule |
General Traffic Allowed Information |
Information |
|
|
Collaboration - Office - Documents - Block |
Sub Rule |
Application Blocked |
Failed Activity |
|
|
Collaboration - Office - Documents - Permit |
Sub Rule |
General Traffic Allowed Information |
Information |
|
|
Collaboration - Office - Apps - Block |
Sub Rule |
Application Blocked |
Failed Activity |
|
|
Collaboration - Office - Apps - Permit |
Sub Rule |
General Traffic Allowed Information |
Information |
|
|
Information Technology - Web Analytics - Block |
Sub Rule |
Web Activity Blocked |
Failed Activity |
|
|
Information Technology - Web Analytics - Permit |
Sub Rule |
Web Activity Allowed |
Activity |
|
|
IT - Web And Email Marketing - Block |
Sub Rule |
Web Activity Blocked |
Failed Activity |
|
|
IT - Web And Email Marketing - Permit |
Sub Rule |
Web Activity Allowed |
Activity |
|
|
Generative AI - Text And Code - Block |
Sub Rule |
Application Blocked |
Failed Activity |
|
|
Generative AI - Text And Code - Permit |
Sub Rule |
General Traffic Allowed Information |
Information |
|
|
Generative AI - Conversation - Block |
Sub Rule |
Application Blocked |
Failed Activity |
|
|
Generative AI - Conversation - Permit |
Sub Rule |
General Traffic Allowed Information |
Information |
|
|
Generative AI - Multimedia - Block |
Sub Rule |
Application Blocked |
Failed Activity |
|
|
Generative AI - Multimedia - Permit |
Sub Rule |
General Traffic Allowed Information |
Information |
|
|
Other AI ML Applications - Block |
Sub Rule |
Application Blocked |
Failed Activity |
|
|
Other AI ML Applications - Permit |
Sub Rule |
General Traffic Allowed Information |
Information |
LogRhythm Default v2.0
|
Regex ID |
Rule Name |
Rule Type |
Common Event |
Classification |
|---|---|---|---|---|
|
1012561 |
V 2.0 : Forcepoint Secure Web Gateway Event |
Base Rule |
Gateway Message |
Information |