Transport Layer Security Messages
Vendor Documentation
Classification
| Rule Name | Rule Type | Classification | Common Event |
|---|---|---|---|
| Transport Layer Security Messages | Base Rule | Ops/Information | Prepared TLS Message |
| TLS Injection Connection Success | Sub Rule | Ops/Information | Client Protocol Request |
| TLS Delivery Connection Success | Sub Rule | Ops/Information | Client Protocol Request |
| Remote Host Did Not Initiate Required TLS | Sub Rule | Ops/Warning | Remote Host Invalid Connection |
| TLS Failed | Sub Rule | Ops/Warning | Bad Packet Length |
Mapping with LogRhythm Schema
| Device Key in Log Message | LogRhythm Schema | Data Type | Schema Description |
<protname> | Text\String | ||
| <process> | Text\String | ||
| DCID | <processid> | Number | |
| <object> | Text\String | ||
| <tag1> | Text\String | ||
| <tag2> | Text\String |