V 2.0 Vulnerability Threat Messages

Vendor Documentation

https://docs.paloaltonetworks.com/pan-os/10-1/pan-os-admin/monitoring/use-syslog-for-monitoring/syslog-field-descriptions/threat-log-fields.html

Classification

Rule Name	Rule Type	Common Event	Classification
V 2.0 Vulnerability Threat Messages	Base Rule	Vuln Medium Severity : Firewall	Vulnerability
V 2.0 Potential Vulnerability Exploit Alert	Sub Rule	Vuln Medium Severity : Information Gathering	Vulnerability
V 2.0 Potential Vulnerability Exploit Allowed	Sub Rule	Potential Vulnerability Exploit Allowed	Activity
V 2.0 Vulnerability Exploit Blocked	Sub Rule	Failed General Attack Activity	Failed Attack

Mapping with LogRhythm Schema

Device Key in Log Message	LogRhythm Schema	Data Type
N/A	<vmid>	Text/String
N/A	<vendorinfo>	Text/String
N/A	<tag1>	Text/String
N/A	<sip>	IP Address
N/A	<dip>	IP Address
N/A	<snatip>	IP Address
N/A	<dnatip>	IP Address
N/A	<policy>	Text/String/Number
N/A	<domainorigin>	Text/String/Number
N/A	<login>	Number/Text/String
N/A	<domainimpacted>	Text/String/Number
N/A	<account>	Text/String/Number
N/A	<sinterface>	Number/Text/String
N/A	<dinterface>	Text/String/Number
N/A	<session>	Text/String/Number
N/A	<quantity>	Text/String/Number
N/A	<sport>	Number
N/A	<dport>	Number
N/A	<snatport>	Text/String/Number
N/A	<dnatport>	Number
N/A	<protname>	Text/String
N/A	<action>	Text/String
N/A	<tag2>	Number/Text/String
N/A	<object>	Text/String
N/A	<threatname>	Text/String
N/A	<threatid>	Number
N/A	<subject>	Text/String
N/A	<severity>	Text/String

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.