VMware UAG : Audit Events
Vendor Documentation
Classification
Rule Name | Rule Type | Common Event | Classification |
---|---|---|---|
VMware UAG : Audit Events | Base Rule | General Audit Message | Other Audit |
VMware UAG : Admin Logon | Sub Rule | User Logon | Authentication Success |
VMware UAG : Config Change | Sub Rule | Object Modified | Access Success |
VMware UAG : Admin Logout | Sub Rule | User Logoff | Authentication Success |
Mapping with LogRhythm Schema
Device Key in Log Message | LogRhythm Schema | Data Type |
---|---|---|
log level | <severity> | Text/String |
log message | <action> <tag1> | Text/String |
SOURCE_IP_ADDR | <sip> | IP Address |
USERNAME | <login> | Text/String |
CHANGE | <vendorinfo> | Text/String |