Skip to main content
Skip table of contents

Web Application Violation Messages

Classification

Rule Name

Rule Type

Common Event

Classification

Web Application Violation MessagesBase RuleNetwork Traffic ViolationWarning
General Web App Violation : CriticalSub RuleGeneral Traffic Violation CriticalCritical
General Web App Violation : WarningSub RuleGeneral Traffic Violation WarningWarning
General Web App Violation : ErrorSub RuleGeneral Traffic Violation ErrorError
General Web App Violation : InformationalSub RuleGeneral Traffic Violation InformationInformation
Web App Violation : Buffer OverflowSub RuleBuffer Overflow/UnderflowAttack
Web App Violation : Cross Site ScriptingSub RuleCross-Site ScriptingAttack
Web App Violation : Detection EvasionSub RuleSuspicious User ActivitySuspicious
Web App Violation : HTTP Parser AttackSub RuleGeneral Attack ActivityAttack
Web App Violation : Injection AttemptSub RuleSQL InjectionAttack
Web App Violation : Parameter TamperingSub RuleGeneral Attack ActivityAttack
Web App Violation : Web ScrapingSub RuleUnauthorized Program/ProcessMisuse

Mapping with LogRhythm Schema  

Device Key in Log Message

LogRhythm Schema

Data Type

severity<severity>Text/String
violations<vmid>Text/String
ip_client<sip>IP Address
dest_ip<dip>IP Address
unit_hostname<dname>Text/String
src_port<sport>Number
dest_port<dport>Number
protocol<protname>Text/String
support_id<session>Number
web_application_name<process>Text/String
User-Agent<object>Text/String
response_code<subject>Number
violations<threatname>Text/String
N/A<version>Number
User-Agent<useragent>Text/String
uri<url>Text/String
method<command>Text/String
response_code<responsecode>Number
request_status<status>Text/String
N/A<tag1>Text/String
severity<tag2>Text/String
JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close