When an event is logged through Alert Logic®, the event is assigned a class. These classes are based on common industry standards and can be viewed while monitoring events in the Alert Logic console. For more information about monitoring events, refer to our Monitor Events documentation.
The following table lists the possible class types that can display and a brief definition for each class.
Class Type |
Definition |
attempted-admin |
Attempted Administrator Privilege Gain |
attempted-dos |
Attempted Denial of Service |
Attempted-recon |
Attempted Information Leak |
Attempted-user |
Attempted User Privilege Gain |
Bad-unknown |
Potentially Bad Traffic |
Default-login-attempt |
Attempt to Login By a Default Username and Password |
Denial-of-service |
Detection of a Denial of Service Attack |
Icmp-event |
Generic ICMP Event |
Inappropriate-content |
Inappropriate Content Was Detected |
Misc-activity |
Misc Activity |
Misc-attack |
Misc Attack |
Network-scan |
Detection of a Network Scan |
Non-standard-protocol |
Detection of a Non-Standard Protocol or Event |
Not-suspicious |
Not Suspicious Traffic |
Policy-violation |
Potential Corporate Privacy Violation |
Protocol-command-decode |
Generic Protocol Command Decode |
Rpc-portmap-decode |
Decode of an RPC Query |
Sdf |
Sensitive Data Was Transmitted Across the Network |
Shellcode-detect |
Executable Code Was Detected |
String-detect |
A Suspicious String Was Detected |
Successful-admin |
Successful Administrator Privilege Gain |
Successful-dos |
Denial of Service |
Successful-recon-largescale |
Large Scale Information Leak |
Successful-recon-limited |
Information Leak |
Successful-user |
Successful User Privilege Gain |
Suspicious-filename-detect |
Suspicious Filename Was Detected |
Suspicious-login |
An Attempted Login Using a Suspicious Username Was Detected |
System-call-detect |
A System Call Was Detected |
Tcp-connection |
A TCP Connection Was Detected |
Trojan-activity |
A Network Trojan Was Detected |
Unknown |
Unknown Traffic |
Unsuccessful-user |
Unsuccessful User Privilege Gain |
Unusual-client-port-connection |
A Client Was Using an Unusual Port |
Web-application-activity |
Access to a Potentially Vulnerable Web Application |
Web-application-attack |
Web Application Attack |
Comments
0 comments
Please sign in to leave a comment.