V 2.0 Flood/Packet Threat Messages 1
Vendor Documentation
Classification
Rule Name | Rule Type | Common Event | Classification |
|---|---|---|---|
V 2.0 Flood/Packet Threat Messages | Base Rule | General Threat Message | Activity |
| V 2.0 Potential Denial Of Service Blocked Messages | Sub Rule | Network Denial Of Service | Denial Of Service |
| V 2.0 Potential Denial Of Service Blocked Messages | Sub Rule | Failed Network Denial Of Service | Failed Denial of Service |
| V 2.0 Potentially Threatening Packet Dropped | Sub Rule | Failed Protocol Anomaly | Failed Attack |
| V 2.0 Potentially Threatening Packet Allowed | Sub Rule | General Attack Activity | Attack |
Mapping with LogRhythm Schema
| Device Key in Log Message | LogRhythm Schema | Data Type |
|---|---|---|
| N/A | <vmid> | Text/String |
| N/A | <severity> | Text/String |
| N/A | <sip> | Number |
| N/A | <dip> | Number |
| N/A | <snatip> | Number |
| N/A | <dnatip> | Number |
| N/A | <sinterface> | Text/String |
| N/A | <dinterface> | Text/String |
| N/A | <protname> | Text/String |
| N/A | <threatname> | Text/String |
| N/A | <threatid> | Number |
| N/A | <policy> | Text/String |
| N/A | <action> | Text/String |
| N/A | <tag1> | Text/String |
| N/A | <tag2> | Text/String |