Warning Messages
Vendor Documentation
Classification
Rule Name | Rule Type | Common Event | Classification |
|---|---|---|---|
Warning Messages | Base Rule | General Warning Log Message | Warning |
Mapping with LogRhythm Schema
Device Key in Log Message | LogRhythm Schema | Data Type | Schema Description |
|---|---|---|---|
Header: Severity | <severity> | Text/String | N/A |
N/A | N/A | N/A | LepideDataSecurityPlatform[] |
N/A | N/A | N/A | Warning |
N/A | N/A | N/A | N/A |
Who | <domainorigin><login> | Text/String | N/A |
Where | <sname> OR <sip> | Text/String/IP Address | N/A |
Reason | <reason> | Text/String | N/A |
Object Path | <parentprocesspath> | Text/String | N/A |
Content Type | <object> | Text/String | N/A |
Risk Level | N/A | N/A | N/A |
Compliance | N/A | N/A | N/A |
Monetary Value | N/A | N/A | N/A |
Operation | <action> | Text/String | N/A |
Event Status | <status> | Text/String | N/A |
Process Name | <process> | Text/String | N/A |
From | <dname> OR <dip> | Text/String/IP Address | N/A |
What | <subject> | Text/String | N/A |