Products: Cisco Systems - Ironport
Rule ID | Rule Name |
---|---|
LEGACY-S00013 | Connection to High Entropy Domain |
THRESHOLD-S00026 | Possible Credential Abuse |
MATCH-S00835 | Possible Dynamic URL Domain |
OUTLIER-S00010 | Spike in URL Length from IP Address |
Log Mapper ID | Log Mapper Name |
---|---|
11fa489e-da9a-4982-8c99-55c600318585 | Cisco Ironport MID - Custom Parser |
d271ce6b-d074-4690-a72a-f5ae754d3efa | Cisco Ironport SFIMS - Custom Parser |
fdcfade8-8ed5-4195-b0bc-380acfcb6aa7 | Cisco Ironport WSA - Custom Parser |