...
The following log types and their fields are not yet available in the Log Types area of the Snare Central user guide. Basic details are available below:
Log Type / Table | Fields |
---|---|
QUASARSAudit | DATE TIME SYSTEM TABLE IDENTITY ACTION IDTYPE IDVALUE AUDITTABLE FIELD OLDVALUE NEWVALUE |
RACFLog | DATE TIME SYSTEM TABLE EVENTID JOBNAME SOURCE RESOURCE ACTION USERID USERNAME USERFLAGS GROUPID RETURN RESULT DATA |
SidewinderFirewallLog | DATE TIME SYSTEM TABLE ACTION PROTO SRCINT SRCADDR SRCPORT DSTINT DSTADDR DSTPORT FAC AREA TYPE PRIORITY PID RUID EUID PGID LOGID COMMAND DOMAIN EDOMAIN CATEGORY ATTACKADDR ATTACKINT SERVICENAME USERNAME AUTHMETHOD ACLID CACHEHIT REASON |
SidewinderLog | DATE TIME SYSTEM TABLE USERNAME AUTHMETHOD SRCADDR SRCPORT DSTADDR DSTPORT PROTO EVENT TYPE REASON STRINGS |
SMTPSvcLog | DATE TIME SYSTEM TABLE SOURCE EVENTID USER SOURCEADDR DESTADDR SOURCESYSTEM DESTSYSTEM MESSAGEID BYTES STATUS STRING |
SnareServerLog | DATE TIME SYSTEM TABLE SOURCE USERNAME RESOURCE ACTION RETURN DETAILS |
SNMPTrap | DATE TIME SYSTEM TABLE STRINGS |
Snort | DATE TIME SYSTEM TABLE EVENTID PRIORITY CLASSIFICATION DESCRIPTION SRCADDR SRCPORT DSTADDR DSTPORT PROTO |
SOCKSLog | DATE TIME SYSTEM TABLE ACTION MESSAGE |
SolarisBSM | DATE TIME SYSTEM TABLE EVENTCOUNT EVENTID AUID EUID EGID RUID RGID PID RETURNCODE STRINGS TARGET |
SonicWall | DATE TIME SYSTEM TABLE EVENTID CATEGORY PRIORITY FWADDR PROTO SRCADDR SRCPORT DSTADDR DSTPORT MESSAGE STRINGS |
SonicWallSSLVPN | DATE TIME SYSTEM TABLE ACTION PRIORITY FWADDR SRCADDR DSTADDR PORTAL DOMAIN USER MESSAGE AGENT STRING |
SophosDataControlLog | DATE TIME SYSTEM TABLE USERNAME COMPUTER SOURCEPATH DESTINATIONPATH FILENAME DESTTYPE STRINGS |
SophosWeb | DATE TIME SYSTEM TABLE USERNAME CRITICALITY CATEGORY RULE REASON THREAT DOMAIN METHOD URL PROTOCOL SRCIP DESTIP AGENT OS BYTESIN BYTESOUT REFERRER STRINGS |
SquidProxyLog | DATE TIME SYSTEM TABLE HOSTNAME USERNAME URL RETURNCODE BYTES REFERRER AGENT PROTOCOL LOGTYPE CATEGORY STRINGS |
TandemLog | DATE TIME SYSTEM TABLE PSGUSER PSGUSERID PCGUSER POOBJECTTYPE POOPERATION POOWNUSER POOWNUSERID PSTERM PCTERM RETURN |
TopicLog | DATE TIME SYSTEM TABLE CLIENT USERNAME OPERATION QUERY TITLE COLLECTIONS SERIAL PATH RULE |
TrendDSM | DATE TIME SYSTEM TABLE CRITICALITY EVENTNUMBER TITLE TARGET ACTIONBY DESCRIPTION TAGS |
Tru64Audit | DATE TIME SYSTEM TABLE EVENTID USERID AUID RUID EUID PID PPID RETURNCODE STRINGS TARGET |
VMSLog | DATE TIME SYSTEM TABLE EVENTID EVENTTYPE USERNAME SYSTEMID PID TERMINALNAME PROCESSNAME PROCESSOWNER REMOTEUSERNAME REMOTENODENAME IMAGENAME COMMANDLINE OBJECTCLASSNAME AUDITINGFLAGS ALARMFLAGS STATUS DATA |
VWActionsLog | DATE TIME SYSTEM TABLE SEQUENCE CLIENTID METHODCODE OFFICERCODE FOLDERCODE CLIENTTYPE |
WebLog | DATE TIME SYSTEM TABLE HOSTNAME USERNAME URL RETURNCODE BYTES REFERRER AGENT PROTOCOL LOGTYPE CATEGORY STRINGS |
WinDHCP | DATE TIME SYSTEM TABLE EVENTID DESCRIPTION IPADDRESS HOSTNAME MACADDRESS |