Skip to main content
Skip table of contents

V 2.0 : Catch All

Vendor Documentation

https://docs.microsoft.com/en-us/sysinternals/downloads/sysmon

Classification

Rule Name

Rule Type

Common Event

Classification

V 2.0 : Catch AllBase RuleGeneral Information Log MessageInformation
V 2.0 : EVID 255 : Error EncounteredSub RuleGeneral Error MessageError

Mapping with LogRhythm Schema  

Device Key in Log MessageLogRhythm SchemaData Type
EventID <vmid>Number
Level<severity> Text/String/Number
Task<vendorinfo>Text/String/Number
Keywords<result>Text/String/Number
Computer<dname>Text/String/Number


JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close