User Authentication And Session Message

Vendor Documentation

Classification

Rule Name	Rule Type	Classification	Common Event
User Authentication And Session Message	Base Rule	Information	General Event Log Information
Admin: User Account Modified	Sub Rule	Account Modified	User Account Attribute Modified
Admin: Server Shutdown Activity	Sub Rule	Startup and Shutdown	System Shutdown
Admin: Session Timed Out	Sub Rule	Information	User Session Timeout
Admin: Forcing Off User	Sub Rule	Authentication Success	User Logoff
Admin: Password Realm Restrictions Failed	Sub Rule	Authentication Failure	User Logon Failure
Admin: User Logged Out	Sub Rule	Authentication Success	User Logoff
Admin: Password Change Failed Activity	Sub Rule	Other Audit Failure	Failed Password Change Attempt
Access: Login Succeeded Activity	Sub Rule	Authentication Success	User Logon
Access: Session Terminated	Sub Rule	Information	Session Ended
Access: Login Failed Activity	Sub Rule	Authentication Failure	User Logon Failure