Vendor Documentation


Classification

Rule Name

Rule Type

Common Event

Classification


Feed SynchronizedBase RuleSync CompletedActivity


Sample Logs

02 07 2017 17:48:15 1.1.1.1 <USER:NOTE> LEEF:1.0|CB|CB|5.1|feed.synchronized|cb_server=cbserver feed_id=7 feed_name=ThreatConnect feed_update_time=2017-02-07T23:48:09Z timestamp=1486511294.64 type=feed.synchronized

Mapping with LogRhythm Schema

Device Key in log messageLog ValueLogRhythm SchemaData Type
feed_nameThreat Connect<object>Text/String