Breadcrumbs

Usermod Messages

Classification

Rule Name

Rule Type

Classification

Common Event

Usermod Messages

Base Rule

Account Modified

User Account Attribute Modified

General User Account Modification

Sub Rule

Account Modified

User Account Attribute Modified

User ID Changed

Sub Rule

Account Modified

User Account Attribute Modified

Password Change

Sub Rule

Account Modified

Password Modified

User ID Changed To Root

Sub Rule

Account Modified

Group Attribute Modified

Group ID Changed To Root

Sub Rule

Account Modified

Group Attribute Modified

Group ID Changed

Sub Rule

Account Modified

Group Attribute Modified

Mapping with LogRhytm Schema  

Device Key in Log Message

LogRhythm Schema

Data Type

N/A

<login>

Text\String

N/A

<tag1>

Text\String

N/A

<tag2>

Text\String

N/A

<tag3>

Text\String