Skip to main content
Skip table of contents

V 2.0 URL Threat Messages 1

Vendor Documentation

Classification

Rule Name

Rule Type

Common Event

Classification

V 2.0 URL Threat MessagesBase Rule

General Threat Message

Activity

V 2.0 Potentially Malicious URL Allowed

Sub RuleTraffic Allowed by ProxyNetwork Allow
V 2.0 Potential Spyware AllowedSub RuleTraffic Allowed by ProxyNetwork Allow
V 2.0 User Continue URL BlockSub RuleTraffic Allowed by ProxyNetwork Allow
V 2.0 User Overrode URL BlockSub RuleTraffic Allowed by ProxyNetwork Allow
V 2.0 Malicious URL BlockedSub RuleTraffic Denied by ProxyNetwork Deny

Mapping with LogRhythm Schema  

Device Key in Log MessageLogRhythm SchemaData Type
N/A<vmid>Text/String
N/A<vendorinfo>Text/String
N/A<severity>String/Number/Text
N/A<sip>Text/String/Number
N/A<dip>Text/String/Number
N/A<sport>Number
N/A<dport>Number
N/A<snatip>Text/String/Number
N/A<dnatip>Text/String/Number
N/A<snatport>Number
N/A<dnatport>Number
N/A<sinterface>Text/String/Number
N/A<dinterface>Text/String/Number
N/A<protname>Text/String
N/A<login>Text/String
N/A<domainorigin>Text/String
N/A<domainimpacted>Text/String
N/A<subject>Text/String
N/A<session>Text/String/Number
N/A<useragent>Text/String
N/A<url>Text/String
N/A<policy>Text/String
N/A<action>Text/String
N/A<quantity>Number
N/A<tag1>Text/String
N/A<tag2>Text/String
JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.