Skip to main content
Skip table of contents

Web Server Access

Vendor Documentation

https://docs.microsoft.com/en-us/previous-versions/iis/6.0-sdk/ms525807(v=vs.90)


Classification

Rule NameRule TypeCommon EventClassification
Web Server AccessBase RuleObject AccessedAccess Success
HTTP - GET - 200 : Success Reply - OKSub RuleHTTP 200 : Success Reply - OKInformation
HTTP GET - 304 Redirect - Not ModifiedSub RuleHTTP 304 : Redirect - Not ModifiedInformation
HTTP GET - 400 - Req Error - Bad RequestSub RuleHTTP 400 : Request Error - Bad RequestError
HTTP POST - 400 - Req Error - Bad RequestSub RuleHTTP 400 : Request Error - Bad RequestError
HTTP - 400 - Req Error - Bad RequestSub RuleHTTP 400 : Request Error - Bad RequestError
HTTP GET - 401 - Req Error - UnauthorizedSub RuleHTTP 401 : Request Error - UnauthorizedError
HTTP POST - 401 - Req Error - UnauthorizedSub RuleHTTP 401 : Request Error - UnauthorizedError
HTTP - 401 - Req Error - UnauthorizedSub RuleHTTP 401 : Request Error - UnauthorizedError
HTTP - 402 - Req Error - Payment RequiredSub RuleHTTP 402 : Request Error - Payment RequiredError
HTTP GET - 403 - Req Error - ForbiddenSub RuleHTTP 403 : Request Error - ForbiddenError
HTTP POST - 403 - Req Error - ForbiddenSub RuleHTTP 403 : Request Error - ForbiddenError
HTTP - 403 - Req Error - ForbiddenSub RuleHTTP 403 : Request Error - ForbiddenError
HTTP GET - 404 - Req Error - Not FoundSub RuleHTTP 404 : Request Error - Not FoundError
HTTP POST - 404 - Req Error - Not FoundSub RuleHTTP 404 : Request Error - Not FoundError
HTTP - 404 - Req Error - Not FoundSub RuleHTTP 404 : Request Error - Not FoundError
HTTP POST - 405 - Req Error - Method Not AllowedSub RuleHTTP 405 : Request Error - Method Not AllowedError
HTTP - 405 - Req Error - Method Not AllowedSub RuleHTTP 405 : Request Error - Method Not AllowedError
HTTP GET - 500 - Svr Error - Internal Server ErrorSub RuleHTTP 500 : Server Error - Internal Server ErrorError
HTTP POST- 500 - Svr Error - Internal Server ErrorSub RuleHTTP 500 : Server Error - Internal Server ErrorError
HTTP - 500 - Svr Error - Internal Server ErrorSub RuleHTTP 500 : Server Error - Internal Server ErrorError
HTTP - 502 - Svr Error - Bad GatewaySub RuleHTTP 502 : Server Error - Bad GatewayError
HTTP - 502 - Svr Error - Bad GatewaySub RuleHTTP 502 : Server Error - Bad GatewayError
HTTP GET - 503 - Svr Error - Service UnavailableSub RuleHTTP 503 : Server Error - Service UnavailableError
HTTP POST - 503 - Svr Error - Service UnavailableSub RuleHTTP 503 : Server Error - Service UnavailableError
HTTP - 503 - Svr Error - Service UnavailableSub RuleHTTP 503 : Server Error - Service UnavailableError
Remote Procedure Call Over HTTP : OUTSub RuleRemote Procedure Call AttemptNetwork Traffic
Remote Procedure Call Over HTTP : INSub RuleRemote Procedure Call AttemptNetwork Traffic
PROPFIND MethodSub RuleObject AccessedAccess Success
HEAD MethodSub RuleObject AccessedAccess Success
File PostSub RuleObject AddedAccess Success
File DownloadSub RuleObject DownloadedAccess Success

Mapping with LogRhythm Schema  

Device Key in Log Message

LogRhythm Schema

Data Type

N/A<dip>Number
N/A<tag1>Text/String
N/A<command>Text/String
N/A<url>Text/String
N/A<dport>Number
N/A<domain>Text/String
N/A<login>Number/Text
N/A<snatip>Number
N/A<useragent>Number/Text
N/A<object>Number/Text
N/A<sender>Number/Text
N/A<responsecode>Number
N/A<vmid>Number
N/A<milliseconds>Number
N/A<bytesin>Number
N/A<bytesout>Number
N/A<sinterface>Number
N/A<sip>Number


JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close