V 2.0 : Web-UI Events
Vendor Documentation
Classification
| Rule Name | Rule Type | Common Event | Classification |
|---|---|---|---|
| V 2.0 : Web-UI Events | Base Rule | General Information | Information |
Mapping with LogRhythm Schema
| Device Key in Log Message | LogRhythm Schema | Data Type | Schema Description |
|---|---|---|---|
| Web-UI | <vmid> | N/A | Product name. |
| Originip | <sip> | IP Address | IP of the log origin. |
| origin | N/A | N/A | Name of the first Security Gateway that reported this event. |
| operation | N/A | N/A | N/A |
| subject | <subject> | Text/String | N/A |
| status | <status> | Text/String | N/A |
| administrator | <login> | Text/String | N/A |
| client | N/A | N/A | N/A |
| performedon | <object> | Text/String | N/A |
| objecttable | N/A | N/A | N/A |
| objecttype | <objecttype> | Text/String | N/A |
| generalinformation | N/A | N/A | N/A |
| time | N/A | N/A | N/A |
| Action | <action> | Text/String | N/A |
| ifdirection | N/A | N/A | N/A |
| ifname | <sinterface> | Text/String | The name of the Security Gateway interface through which a connection traverses. |
| alert | N/A | N/A | N/A |
| flags | N/A | N/A | N/A |
| loguid | N/A | N/A | N/A |
| originsicname | N/A | N/A | N/A |
| sequencenum | N/A | N/A | N/A |
| version | <version> | Text/String | N/A |
| fieldschanges | N/A | N/A | N/A |