V 2.0 : Action History Events
Vendor Documentation
Classification
| Rule Name | Rule Type | Common Event | Classification |
|---|---|---|---|
| V 2.0 : Action History Events | Base Rule | General Audit | Other Audit Success |
Mapping with LogRhythm Schema
| Device Key in Log Message | LogRhythm Schema | Data Type | Schema Description |
|---|---|---|---|
| N/A | N/A | N/A | Vendor or Manufacturer Name |
| N/A | N/A | N/A | Product Name |
| N/A | N/A | N/A | Product Version |
| N/A | N/A | N/A | EventID |
| ActionId | N/A | N/A | N/A |
| ActionName | <action> | Text/String | N/A |
| PackageName | N/A | N/A | N/A |
| Comment | N/A | N/A | N/A |
| Status | <status> | Text/String | N/A |
| Issuer | <login> | Text/String | N/A |
| SourceId | N/A | N/A | N/A |
| StartTime | N/A | N/A | N/A |
| Expiration | N/A | N/A | N/A |
| InsertTime | N/A | N/A | N/A |
| Command | <command> | Text/String | N/A |
| DistributeOver | N/A | N/A | N/A |
| Approver | <account> | Text/String | N/A |