V 2.0 IP Session Initiated Event | LogRhythm Documentation

Vendor Documentation

https://documentation.meraki.com/General_Administration/Monitoring_and_Reporting/Syslog_Event_Types_and_Log_Samples

Rule Name	Rule Type	Classification	Common Event
V 2.0 IP Session Initiated Event	Base Rule	Information	Session Initialization

Device Key in Log Message	LogRhythm Schema	Data Type	Schema Description
N/A	N/A	N/A	flow start time
N/A	N/A	N/A	flow stop time
N/A	<object>	Text/String	device
N/A	<vendorinfo>	Text/String	event type
src	<sip>	IP Address	src_ip
dst	<dip>	IP Address	dst_ip
mac	<dmac>	Text/String	MAC_addr
protocol	<protname>	Text/String	protocol
sport	<sport>	Number	src_port
dport	<dport>	Number	dst_port
pattern	<action>	Text/String	action