Vendor Documentation
Classification

| Rule Name | Rule Type | Common Event | Classification |
|---|---|---|---|
| V 2.0 : SEP Agent General Error Message | Sub Rule | General System Error | Error |
| V 2.0 : SEP Agent General Warning Message | Sub Rule | General System Warning | Warning |
| V 2.0 : SEP Agent General Information Message | Sub Rule | General System Information | Information |
| V 2.0 : SEP General Agent System Messages | Base Rule | General System Information | Information |
| V 2.0 : SEP Agent LiveUpdate Encountered Errors | Sub Rule | General LiveUpdate Error | Error |
| V 2.0 : SEP Agent LiveUpdate Cancelled | Sub Rule | General LiveUpdate Warning | Warning |
| V 2.0 : SEP Agent Content Update Failed | Sub Rule | Update Failure | Error |
| V 2.0 : SEP Agent General Critical Message | Sub Rule | General System Critical | Critical |
| V 2.0 : SEP Agent Version Information | Sub Rule | General Version Information | Information |
| V 2.0 : SEP Info Submission To Symantec Fail | Sub Rule | File Upload Failed | Error |
| V 2.0 : SEP File Info Submission To Symantec | Sub Rule | File Upload Failed | Error |
| V 2.0 : SEP File Submission To Symantec Failed | Sub Rule | File Upload Failed | Error |
| V 2.0 : SEP Agent LiveUpdate Succeeded | Sub Rule | LiveUpdate Suceeded | Information |
| V 2.0 : SEP Agent Content Update Succeeded | Sub Rule | Update Complete | Information |
| V 2.0 : SEP Process Already Running | Sub Rule | Process Is Already Running | Warning |
| V 2.0 : SEP File Info Submission To Symantec | Sub Rule | File Uploaded | Information |
| V 2.0 : SEP File Submission To Symantec Succeeded | Sub Rule | File Uploaded | Information |

Mapping with LogRhythm Schema

| Device Key in Log Message | LogRhythm Schema | Data Type |
|---|---|---|
| N/A | <severity> | String/Number/Text |
| N/A | <dname> | String/Number/Text |
| N/A | <subject> | Text/String |
| N/A | <tag2> | Text/String |
| N/A | <tag1> | Text/String |