Skip to main content
Skip table of contents

V 2.0 Rogue SSID/SSID Spoofing Detected Event

Vendor Documentation

Classification

Rule NameRule TypeClassification

Common Event

V 2.0 Rogue SSID/SSID Spoofing Detected EventBase RuleSuspiciousSuspicious Activity
V 2.0 Rogue SSID DetectedSub RuleSuspiciousSuspicious Activity
V 2.0 SSID Spoofing DetectedSub RuleAttackSpoofing Activity

Mapping with LogRhythm Schema

Device Key in Log MessageLogRhythm SchemaData TypeSchema Description
N/A<vendorinfo>Text/Stringevent type
type<action>
<tag1>
Text/String
Text/String
description
ssidN/AN/AN/A
bssidN/AN/AN/A
src<smac>Text/StringN/A
dst<dmac>Text/StringN/A
wired_macN/AN/AN/A
vlan_idN/AN/AN/A
channelN/AN/AN/A
rssiN/AN/AN/A
fc_typeN/AN/AN/A
fc_subtypeN/AN/AN/A
vapN/AN/AN/A
JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.