Vendor Documentation
Classification

| Rule Name | Rule Type | Common Event | Classification |
|---|---|---|---|
| Warning Messages | Base Rule | General Warning Log Message | Warning |


Mapping with LogRhythm Schema

| Device Key in Log Message | LogRhythm Schema | Data Type | Schema Description |
|---|---|---|---|
| Header: Severity | <severity> | Text/String | N/A |
| N/A | N/A | N/A | LepideDataSecurityPlatform[] |
| N/A | N/A | N/A | Warning |
| N/A | N/A | N/A | N/A |
| Who | <domainorigin><login> | Text/String | N/A |
| Where | <sname> OR <sip> | Text/String/IP Address | N/A |
| Reason | <reason> | Text/String | N/A |
| Object Path | <parentprocesspath> | Text/String | N/A |
| Content Type | <object> | Text/String | N/A |
| Risk Level | N/A | N/A | N/A |
| Compliance | N/A | N/A | N/A |
| Monetary Value | N/A | N/A | N/A |
| Operation | <action> | Text/String | N/A |
| Event Status | <status> | Text/String | N/A |
| Process Name | <process> | Text/String | N/A |
| From | <dname> OR <dip> | Text/String/IP Address | N/A |
| What | <subject> | Text/String | N/A |