Classification

| Rule Name | Rule Type | Common Event | Classification |
|---|---|---|---|
| EVID 1008 : Microsoft-Windows-Perflib | Base Rule | Function Call Failed | Error |

Mapping with LogRhythm Schema  

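| Device Key in Log Message | Log Value | LogRhythm Schema | Data Type |
|---|---|---|---|
| N/A | N/A | <vendorinfo> | Text/String |
| N/A | N/A | <vmid> | Number |
| N/A | N/A | <severity> | Text/String |
| N/A | N/A | <dname> | Text/String |
| N/A | N/A | <processid> | Number |
| N/A | N/A | <object> | Text/String |
| N/A | N/A | <objectname> | Text/String |
| N/A | N/A | <threatid> | Number |
| N/A | N/A | <version> | Number |
| N/A | N/A | <bytesin> | Number |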