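OSSIM Event Category/Subcategory Summary Table
You can view the details in the data sources, because the category and subcategory are displayed in the SIEM.
Event category/subcategory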
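Data source category | Subcategory | Notes |
Access | ACL Deny | |
Access | ACL Permit | |
Access | Connection Closed | |
Access | Connection Opened | |
Access | File Access | |
Access | File Blocked | |
Access | Firewall Deny | |
Access | Firewall Misc Event | |
Access | Firewall Permit | |
Access | Timeout | |
Access | Traffic Inbound | |
Access | Traffic Outbound | |
Access | Tunnel Closed | |
Access | Tunnel Connection | |
Access | Web Application Access | |
Alarm | Attacks | |
Alarm | Bruteforce | |
Alarm | Dos | |
Alarm | Malware | |
Alarm | Misc | |
Alarm | Network | |
Alarm | Policy | |
Alarm | Scada | |
Alarm | Scan | |
Alert | HostIDS Alert | |
Alert | IDS Alert | |
Alert | IPS Alert | |
Availability | State Critical | |
Availability | State Down | |
Availability | State Unknown | |
Availability | State Up | |
Availability | State Warning | |
Database | Error | |
Database | Login | |
Database | Login Failed | |
Database | Logout | |
Database | Query | |
Database | Start | |
Database | Stop | |
Recon | Misc | |
Recon | Scanner | |
Application | DHCP Error | |
Application | DHCP Request | |
Application | DNS Succesful Zone Transfer | |
Application | DNS Zone Transfer Failed | |
Application | FTP Command Executed | |
Application | FTP Connection Opened | |
Application | Mail Received | |
Application | Mail Sent | |
Application | Spam Detected | |
Application | ××× Closed | |
Application | ××× Denied | |
Application | Web Error | |
Application | Web Denied | |
Application | Web Modified | |
Application | WebProxy | |
Application | Web Redirected | |
Authentication | Account Lockout | |
Authentication | Admin Access | |
Authentication | Brute force | |
Authentication | Default Credentials | |
Authentication | Failed | |
Authentication | FTP Login Failed | |
Authentication | FTP Login Succeeded | |
Authentication | Group Added | |
Authentication | Group Deleted | |
Authentication | Login | |
Authentication | Logout | |
Authentication | Password Change Failed | |
Authentication | Password Change Succeeded | |
Authentication | User Changed | |
Authentication | User Created | |
Authentication | User Deleted | |
Exploit | Attack Response | |
Exploit | Buffer Overflow | |
Exploit | Command Execution | |
Exploit | Cross Site Scripting | |
Exploit | Denial Of Service | |
Exploit | Directory Traversal | |
Exploit | File Inclusion | |
Exploit | Format String | |
Exploit | Spoofing | |
Exploit | ShellCode | |
Exploit | SQL Injection | |
Malware | Adware | |
Malware | Backdoor | |
Malware | Fake Antivirus | |
Malware | Generic | |
Malware | KeyLogger | |
Malware | Spyware | |
Malware | Trojan | |
Malware | Virus | |
Malware | Worm | |
Policy | Anonymity | |
Policy | Check Failed | |
Policy | Instant Messaging Chat | |
Policy | P2P | |
Policy | Phishing | |
Policy | Porn | |
Suspicious | Bad Traffic | |
Suspicious | Blacklist Address | |
Suspicious | Database Activity | |
Suspicious | DNS Protocol Anomaly | |
Suspicious | FTP Protocol Anomaly | |
Suspicious | HTTP Protocol Anomaly | |
Suspicious | Mail Protocol Anomaly | |
Suspicious | Netbios Activity | |
Suspicious | Network Anomaly | |
Suspicious | NFS Activity | |
Suspicious | RPC Activity | |
Suspicious | Scada Activity | |
Suspicious | SSH Activity | |
Suspicious | SSH Protocol Anomaly | |
Suspicious | Telnet Protocol Anomaly | |
Suspicious | Threshold Exceeded | |
Suspicious | Web Attack or Scan | |
Inventory | Mac Change | |
Inventory | Mac Detected | |
Inventory | Operating System Change | |
Inventory | Operating System Detected | |
Inventory | Service Change | |
Inventory | Service Detected | |
Inventory | Service Misc | |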