Skip to main content
Skip table of contents

V 2.0 Configuration Messages 1

Log Fields and Parsing

This section details the log fields available in this log message type, along with values parsed for both LogRhythm Default and LogRhythm Default v2.0 policies. A value of "N/A" (not applicable) means that there is no value parsed for a specified log field.

Log Field

LogRhythm Default

LogRhythm Default v2.0

Type (type)N/A<vmid>
Threat/Content Type (subtype)N/A<vendorinfo>
Host (host)<sip><sip>
Command (cmd)<action>
<tag1>		<command>
<tag1>
Admin (admin)<login><login>
Client (client)N/A<sessiontype>
Result (result)<tag2><result>
<tag2>
Configuration Path (path)<object>
<account>		<object>
Sequence Number (seqno)<session>N/A
Device Name (device_name)<dname><objectname>

Log Processing Settings

This section details log processing changes made from the LogRhythm Default policy to LogRhythm Default v2.0. In some cases, base rules are broken down into sub-rules to appropriately parse log message types by their event types.

LogRhythm Default

Regex IDRule NameRule TypeCommon EventsClassifications
1001983Configuration Logs Base RuleConfiguration Modified : SystemConfiguration
Configuration Commit : SubmittedSub RuleConfiguration Enabled : SystemConfiguration
Configuration Edit : SucceededSub RuleConfiguration Modified : SystemConfiguration
Configuration Delete : SucceededSub RuleConfiguration Deleted : SystemConfiguration
Configuration Move : SucceededSub RuleConfiguration Modified : SystemConfiguration
Configuration Rename : SucceededSub RuleConfiguration Modified : SystemConfiguration
Configuration Set : SucceededSub RuleConfiguration Enabled : SystemConfiguration

LogRhythm Default v2.0

Regex ID

Rule Name

Rule Type

Common Events

Classifications

1010894V 2.0 Configuration Messages
Base RuleConfiguration Modified : System

Configuration

V 2.0 Configuration Apply FailureSub RuleFailed ConfigurationWarning
V 2.0 Unauthorized Configuration Change AttemptSub RuleFailed ConfigurationOther Audit Failure
V 2.0 Configuration Item DeletedSub RuleConfiguration Deleted : SystemConfiguration
JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close