
V 2.0 : SEP SONAR General Susp. Activity Detected 1

Vendor Documentation

Classification

| Rule Name | Rule Type | Common Event | Classification |
|---|---|---|---|
| V 2.0 : SEP SONAR General Susp. Activity Detected | Base Rule | Suspicious Activity | Suspicious |
| V 2.0 : SEP SONAR Susp. Activity : Allowed By User | Sub Rule | General Security | Other Security |
| V 2.0 : SEP SONAR Susp. Actvty : All Actions Fail | Sub Rule | General Antivirus Error | Error |
| V 2.0 : SEP SONAR Suspicious Actvty : Quarantined | Sub Rule | Quarantined Message | Failed Activity |
| V 2.0 : SEP SONAR Susp. Activity : Access Denied | Sub Rule | Access Denied | Warning |
| V 2.0 : SEP SONAR Malware Found : Partially Repair | Sub Rule | Detected Malware Activity | Malware |
| V 2.0 : SEP SONAR Malware Found : Details Pending | Sub Rule | Detected Malware Activity | Malware |
| V 2.0 : SEP SONAR Malware Found : No Action Taken | Sub Rule | Detected Malware Activity | Malware |
| V 2.0 : SEP SONAR Suspicious Activity | Sub Rule | Suspicious Activity | Suspicious |
| V 2.0 : SEP SONAR Susp. Activity : Details Pending | Sub Rule | Suspicious Activity | Suspicious |
| V 2.0 : SEP SONAR Susp. Activity : No Action Taken | Sub Rule | Suspicious Activity | Suspicious |
| V 2.0 : SEP SONAR Malware Found : Quarantined | Sub Rule | Failed Malware Activity | Failed Malware |
| V 2.0 : SEP SONAR Threat Found : Deleted | Sub Rule | Threat Deleted | Failed Activity |

Mapping with LogRhythm Schema  

| Device Key in Log Message | LogRhythm Schema | Data Type |
|---|---|---|
| N/A | <severity> | Number |
| N/A | <dip> | Number |
| N/A | <dname> | String/Number/Text |
| N/A | <account> | Text/String |
| N/A | <domainorigin> | Text/String |
| N/A | <process> | Text/String |
| N/A | <object> | Text/String |
| N/A | <subject> | Text/String |
| N/A | <threatname> | String/Number/Text |
| N/A | <hash> | String/Number/Text |
| N/A | <url> | String/Number/Text |
| N/A | <action> | Text/String |
| N/A | <quantity> | Number |
| N/A | <size> | Number |
| N/A | <tag2> | Text/String |
| N/A | <tag1> | Text/String |