Products: McAfee - Web Gateway
Rule ID | Rule Name |
---|---|
MATCH-S00209 | CVE-2021-44228 Log4j2 Java Library 0-Day Attempt |
LEGACY-S00013 | Connection to High Entropy Domain |
THRESHOLD-S00016 | HTTP Response Error Spike - Internal |
MATCH-S00042 | McAfee Web Gateway - Poor Reputation |
MATCH-S00638 | McAfee Web Gateway - Suspicious or Malicious Categories |
THRESHOLD-S00026 | Possible Credential Abuse |
MATCH-S00835 | Possible Dynamic URL Domain |
MATCH-S00637 | Possible Malicious Download |
OUTLIER-S00010 | Spike in URL Length from IP Address |
LEGACY-S00182 | Suspicious HTTP User-Agent |
LEGACY-S00107 | Threat Intel Match - IP Address |
LEGACY-S00165 | VBS file downloaded from Internet |
Log Mapper ID | Log Mapper Name |
---|---|
06d2310a-b511-48f4-b777-559b3e6e2be1 | McAfee Web Gateway - LEEF |
a1097784-4fb2-4a6f-9338-7e1064a58005 | McAfee WebGateway - CEF - Backup Triggered |
b95bbe75-269b-4b8a-bf90-cbc1470aeacc | McAfee WebGateway - CEF - File Download |
66227412-64e9-4d71-9565-338bcde62ae0 | McAfee WebGateway - CEF - Rule Changes |
2f442ebb-2bbc-4ae8-82f7-292b015fa67e | McAfee WebGateway - CEF - System List Update |
bb6e0892-ed2c-42e6-b0a8-331eadf598fb | McAfee WebGateway - CEF - Traffic Logs |
1f2f7c10-668b-416f-9018-7d47cd802b50 | McAfee WebGateway - CEF - Trigger Action |
776bca53-f0fd-4b30-9d44-1c00863c766b | McAfee WebGateway - CEF - User Login |
db8d4ca1-982a-42fc-a0b3-cbe6f04cd6fb | McAfee WebGateway - CEF - User Login Failed |
e4177d7b-56ec-45d3-8572-780c93a30087 | McAfee WebGateway - CEF - User Logout |
0efb88b1-a2b5-46e6-bb3c-18c3cbf352b7 | McAfee WebGateway - CEF - User Timed-out |
02d0e53b-6a92-4837-9aa6-a5d4af42b09c | McAfee WebGateway - JSON |
33b045fc-8df5-41fc-b5b5-5232e10df1c7 | McAfee WebGateway - Parser |
0c7120d1-0adc-48c0-a824-526eac5c10e3 | McAfee WebGateway Proxy - Audit |