TIBCO LogLogic Reports for GPG13
All TIBCO LogLogic reports can be used to monitor regular user activity, as well as the activity and results of system and network administrators.
Serial Number | TIBCO LogLogic Report | Description |
---|---|---|
1 | GPG13: Account Activities on UNIX Servers | Displays all accounts activities on UNIX servers to ensure authorized and appropriate access. |
2 | GPG13: Account Activities on Windows Servers | Displays all accounts activities on Windows servers to ensure authorized and appropriate access. |
3 | GPG13: Windows Group Members Added | Displays all accounts added to groups on the Windows servers to ensure appropriate access. |
4 | GPG13: Accounts Changed on UNIX Servers | Displays all accounts changed on UNIX servers to ensure authorized and appropriate access. |
5 | GPG13: Accounts Changed on Windows Servers | Displays all accounts changed on Windows servers to ensure authorized and appropriate access. |
6 | GPG13: Accounts Created on UNIX Servers | Displays all accounts created on UNIX servers to ensure authorized and appropriate access. |
7 | GPG13: Accounts Created on Windows Servers | Displays all accounts created on Windows servers to ensure authorized and appropriate access. |
8 | GPG13: Accounts Deleted on UNIX Servers | Displays all accounts deleted on UNIX servers to ensure authorized and appropriate access. |
9 | GPG13: Accounts Deleted on Windows Servers | Displays all accounts deleted on Windows servers to ensure authorized and appropriate access. |
10 | GPG13: Windows Accounts Enabled | Displays all accounts enabled on Windows servers to ensure authorized and appropriate access. |
11 | GPG13: Network Traffic per Rule - Juniper Firewall | Displays all network traffic flowing through each rule in a network policy to ensure appropriate access. |
12 | GPG13: Windows Group Members Deleted | Displays all accounts removed from groups on the Windows servers to ensure appropriate access. |
13 | GPG13: Escalated Privilege Activities on Servers | Displays all privilege escalation activities performed on servers to ensure appropriate access. |
14 | GPG-13: F5 BIG-IP TMOS Ports Denied Access | Displays the applications that have been denied access the most by the F5 BIG-IP TMOS. |
15 | GPG13: F5 BIG-IP TMOS Restarted | Displays all events when the F5 BIG-IP TMOS has been restarted. |
16 | GPG13: Failed Logins | Displays all failed login attempts to review any access violations or unusual activity. |
17 | GPG13: Failed Windows Events Summary | Displays summary of all failed access-related Windows events. |
18 | GPG13: Files Accessed on Servers | Displays all files accessed on servers to ensure appropriate access. |
19 | GPG13: Group Activities on UNIX Servers | Displays all group activities on UNIX servers to ensure authorized and appropriate access. |
20 | GPG13: Group Activities on Windows Servers | Displays all group activities on Windows servers to ensure authorized and appropriate access. |
21 | GPG13: Groups Created on UNIX Servers | Displays all groups created on UNIX servers to ensure authorized and appropriate access. |
22 | GPG13: Groups Created on Windows Servers | Displays all groups created on Windows servers to ensure authorized and appropriate access. |
23 | GPG13: Groups Deleted on UNIX Servers | Displays all groups deleted on UNIX servers to ensure authorized and appropriate access. |
24 | GPG13: Groups Deleted on Windows Servers | Displays all groups deleted on Windows servers to ensure authorized and appropriate access. |
25 | GPG13: Last Activities Performed by Administrators | Displays the latest activities performed by administrators and root users to ensure appropriate access. |
26 | GPG13: Last Activities Performed by All Users | Displays the latest activities performed by all users to ensure appropriate access. |
27 | GPG13: Logins by Authentication Type | Displays all logins categorized by the authentication type. |
28 | GPG13: Windows New Services Installed | Displays a list of new services installed on Windows servers to ensure authorized access. |
29 | GPG13: Password Changes on Windows Servers | Displays all password change activities on Windows servers to ensure authorized and appropriate access. |
30 | GPG13: Periodic Review of Log Reports | Displays all review activities performed by administrators to ensure review for any access violations. |
31 | GPG13: Periodic Review of User Access Logs | Displays all review activities performed by administrators to ensure review for any access violations. |
32 | GPG13: Permissions Modified on Windows Servers | Displays all permission modification activities on Windows Servers to ensure authorized access. |
33 | GPG13: Policies Modified on Windows Servers | Displays all policy modification activities on Windows servers to ensure authorized and appropriate access. |
34 | GPG13: Windows Programs Accessed | Displays all programs started and stopped on servers to ensure appropriate access. |
35 | GPG13: Successful Logins | Displays successful logins to ensure only authorized personnel have access. |
36 | GPG13: Trusted Domain Created on Windows Servers | Displays all trusted domains created on Windows servers to ensure authorized and appropriate access. |
37 | GPG13: Trusted Domain Deleted on Windows Servers | Displays all trusted domains deleted on Windows servers to ensure authorized and appropriate access. |
38 | GPG13: Unauthorized Logins | Displays all logins from unauthorized users to ensure appropriate access to data. |
39 | GPG13: Unencrypted Logins | Displays all unencrypted logins to ensure secure access to data. |
40 | GPG13: Users Created on Servers | Displays all users created on servers to ensure authorized and appropriate access. |
41 | GPG13: Users Removed from Servers | Displays all users removed from servers to ensure timely removal of terminated users. |
42 | GPG13: Windows Events by Users | Displays a summary of access-related Windows events by source and target users. |
43 | GPG13: Windows Events Summary | Displays a summary of access-related Windows events by count. |
44 | GPG13: Active Connections for Cisco PIX | Displays all currently active firewall connections for Cisco PIX. |
45 | GPG13: Active Connections for Cisco ASA | Displays all currently active firewall connections for Cisco ASA. |
46 | GPG13: Denied Inbound Connections - Cisco ASA | Displays all inbound connections that have been denied by the Cisco ASA devices. |
47 | GPG13: Denied Inbound Connections - Juniper Firewall | Displays all inbound connections that have been denied by the Juniper Firewalls. |
48 | GPG13: Denied Outbound Connections - Cisco PIX | Displays all outbound connections that have been denied by the Cisco PIX. |
49 | GPG13: Denied Outbound Connections - Juniper Firewall | Displays all outbound connections that have been denied by the Juniper Firewall. |
50 | GPG13: Ports Denied Access - Juniper Firewall | Displays the applications that have been denied access the most by the Juniper Firewall. |
51 | GPG13: Ports Allowed Access - Cisco PIX | Displays all connections passed through the Cisco PIX by port. |
52 | GPG13: Most Active Ports Through Firewall - Cisco PIX | Displays the most active ports used through the Cisco PIX firewall. |
53 | GPG13: Network Traffic per Rule - Check Point | Displays all network traffic flowing through each rule in a network policy to ensure appropriate access. |
54 | GPG13: Applications Under Attack | Displays all applications under attack as well as the attack signatures. |
55 | GPG13: Attackers by Service | Displays all attack source IP address and service ports. |
56 | GPG13: Attackers by Signature | Displays all attack source IP address and signatures. |
57 | GPG13: Attacks Detected | Displays all IDS attacks detected against servers and applications. |
58 | GPG13: Sensors Generating Alerts | Displays the IDS sensors that generated the most alerts. |
59 | GPG13: Servers Under Attack | Displays all servers under attack. |
60 | GPG13: Source of Attacks | Displays the sources that have initiated the most attacks. |
61 | GPG13: Domains Sending the Most Email - Exchange 2000/2003 | Displays the top domains sending email. |
62 | GPG13: Email Recipients Receiving the Most Emails by Count - Exchange 2000/2003 | Displays the email recipients who receiving the most emails by count. |
63 | GPG13: Email Recipients Receiving the Most Emails by Size - Exchange 2000/2003 | Displays the email recipients who received the most emails by mail size. |
64 | GPG13: Email Senders Sending the Most Emails by Count - Exchange 2000/2003 | Displays the email senders who sent the most emails by count. |
65 | GPG13: Email Senders Sending the Most Emails by Size - Exchange 2000/2003 | Displays the email senders who sent the most emails by mail size. |
66 | GPG13: Most Active Email Senders - Exchange 2000/2003 | Displays the most active email senders based on activity. |
67 | GPG13: Most Used Mail Commands - Exchange 2000/2003 | Displays the most used email protocol commands on Microsoft Exchange servers. |
68 | GPG13: Recipient Domains Experiencing Delay - Exchange 2000/2003 | Displays the recipient domains that have experienced the most delivery delays. |
69 | ||
70 | GPG13: Sender and Recipients Exchanging the Most Emails - Exchange 2000/2003 | Displays the top email sender and recipient combinations. |
71 | GPG13: Source IP Sending To Most Recipients - Exchange 2000/2003 | Displays IP addresses that are sending to the most recipients. |
72 | GPG13: Active VPN Connections for Cisco VPN Concentrators | Displays all currently active VPN connections for Cisco VPN Concentrators. |
73 | GPG13: Active VPN Connections for Nortel Contivity | Displays all currently active VPN connections for Nortel Contivity VPN devices. |
74 | GPG13: Bandwidth Usage by User | Displays users who are using the most bandwidth. |
75 | GPG13: VPN Connection Average Bandwidth | Displays the average bandwidth for VPN connections. |
76 | GPG13: VPN Connection Average Duration | Displays the average duration of VPN connections. |
77 | GPG13: VPN Connection Disconnect Reasons | Displays the disconnect reasons for VPN connections. |
78 | GPG13: VPN Connections by Users | Displays users who are made the most connections. |
79 | GPG13: Denied Connections by IP Addresses - Check Point | Displays remote IP addresses with the most denied connections from Check Point. |
80 | GPG13: VPN Denied Connections by Users | Displays users with the most denied connections. |
81 | GPG13: VPN Sessions by Destination IPs | Displays all VPN sessions categorized by destination IP addresses. |
82 | GPG13: VPN Sessions by Source IPs | Displays all VPN sessions categorized by source IP addresses. |
83 | GPG13: VPN Sessions by Users | Displays all VPN sessions categorized by authenticated users. |
84 | GPG13: VPN Users Accessing Corporate Network | Displays all users logging into the corporate network through Virtual Private Network to ensure appropriate access. |
85 | GPG13: Allowed URLs by Source IPs | Displays successful access to URLs by source IP addresses. |
86 | GPG13: Allowed URLs by Source Users | Displays successful access to URLs by source users. |
87 | GPG13: Blocked URLs by Source IPs | Displays URLs that have been blocked by source IP addresses. |
88 | GPG13: Blocked URLs by Source Users | Displays URLs that have been blocked by source users. |
89 | GPG13: Files Downloaded through the Web | Displays all web-based downloads ensure authorized and appropriate access. |
90 | GPG13: Files Uploaded through the Web | Displays all web-based uploads to ensure only authorized data can be uploaded. |
91 | GPG13: Peer Servers and Status | Displays all web servers providing data for cache servers and the status of requests. |
92 | GPG13: Web URLs Visited | Displays URLs that have been visited. |
93 | GPG13: Users Using the Proxies | Displays users who have been surfing the web through the proxy servers. |
94 | GPG13: Web Access from All Users | Displays all web-based access by all users for regular reviews and updates. |
95 | GPG13: Web Access to Applications | Displays all web-based access to applications to ensure appropriate and authorized access. |
96 | GPG13: NetApp Filer Snapshot Error | Displays events that indicate backup on the NetApp Filer has failed. |
97 | GPG13: Cisco Routers and Switches Restart | Displays all Cisco routers and switches restart activities to detect unusual activities. |
98 | GPG13: Juniper Firewall Reset Accepted | Displays events that indicate the Juniper Firewall has been reset to its factory default state. |
99 | GPG13: Juniper Firewall Reset Imminent | Displays events that indicate the Juniper Firewall is reset to its factory default state. |
100 | GPG13: LogLogic File Retrieval Errors | Displays all errors while retrieving log files from devices, servers and applications. |
101 | GPG13: LogLogic Message Routing Errors | Displays all log forwarding errors on the LogLogic appliance to ensure all logs are archived properly. |
102 | GPG13: Windows Audit Logs Cleared | Displays all audit logs clearing activities on Windows servers to detect access violations or an unusual activity. |
103 | GPG13: Windows Servers Restarted | Displays all Windows server restart activities to detect unusual activities. |
104 | GPG13: Check Point Configuration Changes | Displays all Check Point audit events related to configuration changes. |
105 | GPG13: Check Point Objects Created | Displays all Check Point audit events related to object creation in policies. |
106 | GPG13: Check Point Objects Deleted | Displays all Check Point audit events related to policy objects deleted. |
107 | GPG13: Check Point Objects Modified | Displays all Check Point audit events related to policy objects modified. |
108 | GPG13: Check Point SIC Revoked | Displays all Check Point audit events related to the security certificate being revoked. |
109 | GPG13: Creation and Deletion of System Level Objects: AIX Audit | Displays AIX audit events related to creation and deletion of system-level objects. |
110 | GPG13: Creation and Deletion of System Level Objects: DB2 Database | Displays DB2 database events related to creation and deletion of system-level objects. |
111 | GPG13: Creation and Deletion of System Level Objects: HP-UX Audit | Displays HP-UX audit events related to creation and deletion of system-level objects. |
112 | GPG13: Creation and Deletion of System Level Objects: Oracle | Displays Oracle database events related to creation and deletion of system-level objects. |
113 | GPG13: Creation and Deletion of System Level Objects: Solaris BSM | Displays Solaris BSM events related to creation and deletion of system-level objects. |
114 | GPG13: Creation and Deletion of System Level Objects: SQL Server | Displays Microsoft SQL Server events related to creation and deletion of system-level objects. |
115 | GPG13: Creation and Deletion of System Level Objects: Windows | Displays all Windows events related to creation and deletion of system-level objects. |
116 | GPG13: DB2 Database Configuration Changes | Displays DB2 database configuration changes. |
117 | GPG13: DB2 Database Successful Logins | Displays successful DB2 database logins. |
118 | GPG13: Microsoft SQL Server Database Failed Logins | Displays failed Microsoft SQL Server database logins. |
119 | GPG13: Decru DataFort Cryptographic Key Events | Displays events related to cryptographic key handling. |
120 | GPG13: Decru DataFort Zeroization Events | Displays events related to Decru DataFort zeroization. |
121 | GPG13: i5/OS Access Control List Modifications | Displays i5/OS events related to access control list modification. |
122 | GPG13: i5/OS Audit Configuration Changes | Displays all audit configuration changes on i5/OS. |
123 | GPG13: i5/OS DST Password Reset | Displays i5/OS events related to the reset of the DST (Dedicated Service Tools) password. |
124 | GPG13: i5/OS Internet Security Management Events | Displays i5/OS events related to Internet Security Management (IPSec/VPN). |
125 | GPG13: i5/OS Key Ring File Events | Displays i5/OS key ring file events (cryptographic key management). |
126 | GPG13: i5/OS Network Authentication Events | Displays i5/OS network authentication events. |
127 | GPG13: i5/OS Object Access | Displays i5/OS events related to object access. |
128 | GPG13: i5/OS Object Creation and Deletion | Displays i5/OS events related to object creation and deletion. |
129 | GPG13: Ports Denied Access - F5 BIG-IP TMOS | Displays the applications that have been denied access the most by the F5 BIG-IP TMOS. |
130 | GPG13: i5/OS Restore Events | Displays i5/OS events related to object, program, and profile restoration. |
131 | GPG13: i5/OS Server Security User Information Actions | Displays i5/OS events related to server security user information actions. |
132 | GPG13: i5/OS System Management Changes | Displays i5/OS events related to system management changes. |
133 | GPG13: i5/OS User Profile Creation, Modification, or Restoration | Displays i5/OS events related to user profile creation, modification, or restoration. |
134 | GPG13: Oracle Database Configuration Changes | Displays Oracle database configuration changes. |
135 | GPG13: Oracle Database Successful Logins | Displays successful Oracle database logins. |
136 | GPG13: Sybase ASE Database Backup and Restoration | Displays Sybase ASE DUMP and LOAD events. |
137 | GPG13: Sybase ASE Database Create Events | Displays Sybase ASE events involving the CREATE statement. |
138 | GPG13: Sybase ASE Database Data Access | Displays Sybase ASE events involving the SELECT statement. |
139 | GPG13: Sybase ASE Database Drop Events | Displays Sybase ASE events involving the DROP statement. |
140 | GPG13: Sybase ASE Failed Logins | Displays failed Sybase ASE database logins. |
141 | GPG13: Sybase ASE Successful Logins | Displays successful Sybase ASE database logins. |
142 | GPG13: Tripwire Modifications, Additions, and Deletions | Displays system modifications, additions, and deletions detected by Tripwire. |
143 | GPG13: Administrator Logins on Windows Servers | Displays all logins with the administrator account on Windows servers. |
144 | GPG13: Root Logins | Displays root logins. |
145 | GPG13: Unencrypted Network Services - Nortel | Displays Nortel firewall traffic containing unencrypted network services. |
146 | GPG13: Microsoft SQL Server Data Access | Displays data access events on Microsoft SQL Server databases. |
147 | GPG13: Microsoft SQL Server Database Successful Logins | Displays successful Microsoft SQL Server database logins. |
148 | GPG13: Microsoft SQL Server Database Permission Events | Displays events related to Microsoft SQL Server database permission modifications. |
149 | GPG13: Microsoft SQL Server Database User Additions and Deletions | Displays Microsoft SQL Server events related to creation and deletion of database users. |
150 | GPG13: Microsoft SQL Server Password Changes | Displays password changes for Microsoft SQL Server database accounts. |
151 | GPG13: Juniper SSL VPN Successful Logins | Displays successful connections through the Juniper SSL VPN. |
152 | GPG13: Denied Inbound Connections - Check Point | Displays all inbound connections that have been denied by the Check Point devices. |
153 | GPG13: Unencrypted Network Services - Juniper Firewall | Displays Juniper Firewall traffic containing unencrypted network services. |
154 | GPG13: Ports Allowed Access - Juniper Firewall | Displays all connections passed through the Juniper Firewall by port. |
155 | GPG13: UNIX Failed Logins | Displays failed UNIX logins for known and unknown users. |
156 | GPG13: Ports Denied Access - Cisco ASA | Displays the applications that have been denied access the most by the Cisco ASA. |
157 | GPG13: Ports Denied Access - Cisco PIX | Displays the applications that have been denied access the most by the Cisco PIX. |
158 | GPG13: Ports Denied Access - Cisco FWSM | Displays the applications that have been denied access the most by the Cisco FWSM. |
159 | GPG13: Active Connections for Cisco FWSM | Displays all currently active firewall connections for Cisco FWSM. |
160 | GPG13: Active Directory System Changes | Displays changes made within Active Directory. |
161 | GPG13: Symantec AntiVirus: Attacks by Threat Name | Displays Symantec AntiVirus attacks by threat name. |
162 | GPG13: Symantec AntiVirus: Attacks Detected | Displays attacks detected by Symantec AntiVirus. |
163 | GPG13: Symantec AntiVirus: Updated | Displays updates to Symantec AntiVirus. |
164 | GPG13: Symantec AntiVirus: Scans | Displays scans using Symantec AntiVirus. |
165 | GPG13: McAfee AntiVirus: Attacks by Event ID | Displays McAfee AntiVirus attacks by Event ID. |
166 | GPG13: McAfee AntiVirus: Attacks by Threat Name | Displays McAfee AntiVirus attacks by threat name. |
167 | GPG13: McAfee AntiVirus: Attacks Detected | Displays attacks detected by McAfee AntiVirus. |
168 | GPG13: Check Point Management Station Login | Displays all login events to the Check Point management station. |
169 | GPG13: Cisco Switch Policy Changes | Displays all configuration changes to the Cisco router and switch policies. |
170 | GPG13: Cisco Line Protocol Status Changes | Displays all Cisco line protocol up and down events. |
171 | GPG13: Cisco Link Status Changes | Displays all Cisco link up and down events. |
172 | GPG13: Cisco Peer Reset/Reload | Displays all Cisco Peer reset and reload events. |
173 | GPG13: Cisco Peer Supervisor Status Changes | Displays all Cisco Peer Supervisor status changes. |
174 | GPG13: Juniper Firewall Escalated Privilege | Displays events related to users having escalated privileges in the Juniper Firewall. |
175 | GPG13: Juniper Firewall Restarted | Displays all Juniper Firewall restart events. |
176 | GPG13: Juniper Firewall VPN Tunnel Status Change | Displays events when the Juniper Firewall VPN Tunnel is setup or taken down. |
177 | GPG13: Microsoft SQL Server Backup Failed | Displays all Microsoft SQL Server backup failures. |
178 | GPG13: Microsoft SQL Server Restore Failed | Displays all Microsoft SQL Server restore failure events. |
179 | GPG13: Microsoft SQL Server Schema Corruption | Displays all schema corruption events on Microsoft SQL Server databases. |
180 | GPG13: Microsoft SQL Server Shutdown by Reason | Displays all Microsoft SQL Server shutdown events by reason. |
181 | GPG13: Windows Software Update Activities | Displays all events related to the system's software or patch update. |
182 | GPG13: Windows Software Update Failures | Displays all failed events related to the system's software or patch update. |
183 | GPG13: Windows Software Update Successes | Displays all successful events related to the system's software or patch update. |
184 | GPG13: Juniper SSL VPN (Secure Access) Successful Logins | Displays all successfull logins through the Juniper SSL VPN (Secure Access). |
185 | GPG13: TrendMicro OfficeScan: Attacks Detected | Displays attacks detected by TrendMicro OfficeScan. |
186 | GPG13: TrendMicro OfficeScan: Attacks Detected by Threat Name | Displays attacks detected by TrendMicro OfficeScan by threat name. |
187 | GPG13: TrendMicro Control Manager: Attacks Detected | Displays attacks detected by TrendMicro Control Manager. |
188 | GPG13: TrendMicro Control Manager: Attacks Detected by Threat Name | Displays attacks detected by TrendMicro Control Manager by threat name. |
189 | GPG13: Ports Denied Access - Check Point | Displays the applications that have been denied access the most by the Check Point. |
190 | GPG13: Ports Denied Access - Fortinet | Displays the applications that have been denied access the most by the Fortinet. |
191 | GPG13: Ports Denied Access - Juniper RT Flow | Displays the applications that have been denied access the most by the Juniper RT Flow. |
192 | GPG13: Ports Denied Access - Nortel | Displays the applications that have been denied access the most by the Nortel. |
193 | GPG13: Network Traffic per Rule - Nortel | Displays all network traffic flowing through each rule in a network policy to ensure appropriate access. |
194 | GPG13: Denied Connections by IP Addresses - Cisco ASA | Displays remote IP addresses with the most denied connections from Cisco ASA. |
195 | GPG13: Denied Connections by IP Addresses - Cisco FWSM | Displays remote IP addresses with the most denied connections from Cisco FWSM. |
196 | GPG13: Denied Connections by IP Addresses - Cisco PIX | Displays remote IP addresses with the most denied connections from Cisco PIX. |
197 | GPG13: Denied Connections by IP Addresses - Nortel | Displays remote IP addresses with the most denied connections from Nortel. |
198 | GPG13: Denied Inbound Connections - Cisco FWSM | Displays all inbound connections that have been denied by the Cisco FWSM devices. |
199 | GPG13: Denied Inbound Connections - Cisco PIX | Displays all inbound connections that have been denied by the Cisco PIX devices. |
200 | GPG13: Denied Outbound Connections - Cisco ASA | Displays all outbound connections that have been denied by the Cisco ASA. |
201 | GPG13: Denied Outbound Connections - Cisco FWSM | Displays all outbound connections that have been denied by the Cisco FWSM. |
202 | GPG13: Denied Outbound Connections - Check Point | Displays all outbound connections that have been denied by the Check Point. |
203 | GPG13: Ports Allowed Access - Check Point | Displays all connections passed through the Check Point by port. |
204 | GPG13: Ports Allowed Access - Cisco ASA | Displays all connections passed through the Cisco ASA by port. |
205 | GPG13: Ports Allowed Access - Cisco FWSM | Displays all connections passed through the Cisco FWSM by port. |
206 | GPG13: Ports Allowed Access - Fortinet | Displays all connections passed through the Fortinet by port. |
207 | GPG13: Ports Allowed Access - Juniper RT Flow | Displays all connections passed through the Juniper RT Flow by port. |
208 | GPG13: Ports Allowed Access - Nortel | Displays all connections passed through the Nortel by port. |
209 | GPG13: Unencrypted Network Services - Check Point | Displays Check Point firewall traffic containing unencrypted network services. |
210 | GPG13: Unencrypted Network Services - Cisco ASA | Displays Cisco ASA firewall traffic containing unencrypted network services. |
211 | GPG13: Unencrypted Network Services - Cisco FWSM | Displays Cisco FWSM firewall traffic containing unencrypted network services. |
212 | GPG13: Unencrypted Network Services - Cisco PIX | Displays Cisco PIX firewall traffic containing unencrypted network services. |
213 | GPG13: Unencrypted Network Services - Fortinet | Displays Fortinet firewall traffic containing unencrypted network services. |
214 | GPG13: Unencrypted Network Services - Juniper RT Flow | Displays Juniper RT Flow firewall traffic containing unencrypted network services. |
215 | GPG13: Most Active Ports Through Firewall - Check Point | Displays the most active ports used through the Check Point firewall. |
216 | GPG13: Most Active Ports Through Firewall - Cisco ASA | Displays the most active ports used through the Cisco ASA firewall. |
217 | GPG13: Most Active Ports Through Firewall - Cisco FWSM | Displays the most active ports used through the Cisco FWSM firewall. |
218 | GPG13: Most Active Ports Through Firewall - Fortinet | Displays the most active ports used through the Fortinet firewall. |
219 | GPG13: Most Active Ports Through Firewall - Juniper Firewall | Displays the most active ports used through the Juniper Firewall. |
220 | GPG13: Most Active Ports Through Firewall - Nortel | Displays the most active ports used through the Nortel firewall. |
221 | GPG13: Active VPN Connections for RADIUS | Displays all currently active VPN connections for RADIUS Acct Client. |
222 | GPG13: Accepted VPN Connections - RADIUS | Displays all users connected to the internal network through the RADIUS VPN. |
223 | GPG13: Denied VPN Connections - RADIUS | Displays all users denied access to the internal network by the RADIUS VPN. |
224 | GPG13: RACF Accounts Created | Displays all accounts created on RACF servers to ensure authorized and appropriate access. |
225 | GPG13: RACF Accounts Deleted | Displays all accounts deleted on RACF servers to ensure authorized and appropriate access. |
226 | GPG13: RACF Accounts Modified | Displays all events when a network user profile has been modified. |
227 | GPG13: RACF Successful Logins | Displays successful logins to ensure only authorized personnel have access. |
228 | GPG13: RACF Failed Logins | Displays all failed login attempts to review any access violations or unusual activity. |
229 | GPG13: RACF Files Accessed | Displays all files accessed on RACF servers to ensure appropriate access. |
230 | GPG13: RACF Permissions Changed | Displays all permission modification activities on RACF to ensure authorized access. |
231 | GPG13: RACF Password Changed | Displays all password change activities on RACF servers to ensure authorized and appropriate access. |
232 | GPG13: RACF Process Started | Displays all processes started on the RACF servers. |
233 | GPG13: Email Recipients Receiving the Most Emails by Count - Exchange 2007/10 | Displays the email recipients who receiving the most emails by count. |
234 | GPG13: Email Senders Sending the Most Emails by Count - Exchange 2007/10 | Displays the email senders who sent the most emails by count. |
235 | GPG13: Email Senders Sending the Most Emails by Size - Exchange 2007/10 | Displays the email senders who sent the most emails by mail size. |
236 | GPG13: Microsoft SQL Server Configuration Changes | Displays Microsoft SQL database configuration changes. |
237 | GPG13: DB2 Database Backup Failed | Displays all IBM DB2 Database Server backup failures. |
238 | GPG13: DB2 Database Failed Logins | Displays all failed login attempts to review any access violations or unusual activity. |
239 | GPG13: DB2 Database Restore Failed | Displays all IBM DB2 Database restore failure events. |
240 | GPG13: DB2 Database User Additions and Deletions | Displays IBM DB2 Database events related to creation and deletion of database users. |
241 | GPG13: DB2 Database Stop and Start Events | Displays DB2 database events related to starting and stopping the database. |
242 | GPG13: Oracle Database Data Access | Displays data access events on Oracle databases. |
243 | GPG13: Oracle Database Permission Events | Displays events related to Oracle Server database role and privilege management. |
244 | GPG13: Oracle Database Shutdown | Displays Oracle database events related to shutting down the server. |
245 | GPG13: Oracle Database User Additions and Deletions | Displays Oracle database events related to creation and deletion of database users. |
246 | GPG13: Oracle Database Failed Logins | Displays all failed login attempts to the Oracle database. |
247 | GPG13: Guardium SQL Guard Configuration Changes | Displays all configuration changes on the Guardium SQL Guard database. |
248 | GPG13: Guardium SQL Guard Data Access | Displays all select statements made on Guardium SQL Server. |
249 | GPG13: Guardium SQL Guard Logins | Displays all login attempts to the Guardium SQL Server database. |
250 | GPG13: Guardium SQL Guard Startup or Shutdown | Displays all startup and shutdown events on Guardium SQL Server. |
251 | GPG13: vCenter Change Attributes | Modification of VMware vCenter and VMware ESX properties. |
252 | GPG13: vCenter Datastore Events | Displays create, modify, and delete datastore events on VMware vCenter. |
253 | GPG13: vCenter Failed Logins | Failed logins to the VMware vCenter console. |
254 | GPG13: vCenter Modify Firewall Policy | Displays changes to the VMware ESX allowed services firewall policy. |
255 | GPG13: vCenter Shutdown or Restart of ESX Server | VMware ESX Server is shutdown or restarted from VMware vCenter console. |
256 | GPG13: vCenter Successful Logins | Successful logins to the VMware vCenter console. |
257 | GPG13: vCenter User Permission Change | A permission role has been added, changed, removed, or applied to a user on VMware vCenter server. |
258 | GPG13: vCenter Virtual Machine Created | Virtual machine has been created from VMware vCenter console. |
259 | GPG13: vCenter Virtual Machine Deleted | Virtual machine has been deleted or removed from VMware vCenter console. |
260 | GPG13: vCenter Virtual Machine Shutdown | Virtual machine has been shutdown or paused from VMware vCenter console. |
261 | GPG13: vCenter Virtual Machine Started | Virtual machine has been started or resumed from VMware vCenter console. |
262 | GPG13: vCenter vSwitch Added, Changed or Removed | vSwitch on VMware ESX server has been added, modified or removed from the VMware vCenter console. |
263 | GPG13: vCenter Data Move | Entity has been moved within the VMware vCenter infrastructure. |
264 | GPG13: vCenter Restart ESX Services | VMware vCenter restarted services running on VMware ESX Server. |
265 | GPG13: vCenter Resource Usage Change | Resources have changed on VMware vCenter. |
266 | GPG13: vCloud Failed Logins | Failed logins to the VMware vCloud Director console. |
267 | GPG13: vCloud Organization Created | Vmware vCloud Director organization created events. |
268 | GPG13: vCloud Organization Deleted | VMware vCloud Director organization deleted events. |
269 | GPG13: vCloud Organization Modified | VMware vCloud Director organization modified events. |
270 | GPG13: vCloud Successful Logins | Successful logins to the VMware vCloud Director console. |
271 | GPG13: vCloud User Created | VMware vCloud Director user created events. |
272 | GPG13: vCloud User Deleted or Removed | VMware vCloud Director users have been deleted or removed from the system. |
273 | GPG13: vCloud vApp Created, Modified, or Deleted | VMWare vCloud Director vApp created, deleted, and modified events. |
274 | GPG13: vCloud vDC Created, Modified, or Deleted | VMWare vCloud Director virtual datacenter created, modified, or deleted events. |
275 | GPG13: ESX Accounts Activities | Displays all accounts activities on VMware ESX servers to ensure authorized and appropriate access. |
276 | GPG13: ESX Accounts Created | Displays all accounts created on VMware ESX servers to ensure authorized and appropriate access. |
277 | GPG13: ESX Accounts Deleted | Displays all accounts deleted on VMware ESX servers to ensure authorized and appropriate access. |
278 | GPG13: ESX Failed Logins | Failed VMware ESX logins for known user. |
279 | GPG13: ESX Group Activities | Displays all group activities on VMware ESX servers to ensure authorized and appropriate access. |
280 | GPG13: ESX Logins Succeeded | Displays successful logins to VMware ESX to ensure only authorized personnel have access. |
281 | GPG13: vShield Edge Configuration Changes | Displays changes to VMware vShield Edge policies. |
282 | GPG13: ESX Logins Failed Unknown User | Failed VMware ESX logins for unknown user. |
283 | GPG13: ESX Kernel log daemon terminating | Displays all VMware ESX Kernel log daemon terminating. |
284 | GPG13: ESX Kernel logging Stop | Displays all VMware ESX Kernel logging stops. |
285 | GPG13: ESX Syslogd Restart | Displays all VMware ESX syslogd restarts. |
286 | GPG13: Denied Connections - Cisco Router | Displays all connections that have been denied by the Cisco Router devices. |
287 | GPG13: Ports Denied Access - Cisco Router | Displays the applications that have been denied access the most by the Cisco Router. |
288 | GPG13: Sybase ASE Database Configuration Changes | Displays configuration changes to the Sybase database. |
289 | GPG13: Sybase ASE Database Startup or Shutdown | Displays all startup and shutdown events for the Sybase database. |
290 | GPG13: Sybase ASE Database User Additions and Deletions | Displays Sybase database events related to creation and deletion of database users. |
291 | GPG13: LogLogic DSM Configuration Changes | Displays all configuration changes on the LogLogic DSM database. |
292 | GPG13: LogLogic DSM Data Access | Displays all select statements made on LogLogic DSM database. |
293 | GPG13: LogLogic DSM Logins | Displays all login attempts to the LogLogic DSM database. |
294 | GPG13: LogLogic DSM Startup or Shutdown | Displays all startup and shutdown events on LogLogic DSM database. |
295 | GPG13: Microsoft Sharepoint Content Deleted | Displays all events when content has been deleted from Microsoft Sharepoint. |
296 | GPG13: Microsoft Sharepoint Content Updates | Displays all events when content is updated within Microsoft Sharepoint. |
297 | GPG13: Microsoft Sharepoint Permissions Changed | Displays all user/group permission events to Microsoft Sharepoint. |
298 | GPG13: Microsoft Sharepoint Policy Add, Remove, or Modify | Displays all events when a Microsoft Sharepoint policy is added, removed, or modified. |
299 | GPG13: Files Downloaded through Proxy | Displays all proxy-based downloads ensure authorized and appropriate access. |
300 | GPG13: Files Uploaded through Proxy | Displays all proxy-based uploads to ensure only authorized data can be uploaded. |
301 | GPG13: Web URLs Visited through Proxy | Displays URLs that have been visited through a proxy server. |
302 | GPG13: Guardium SQL Guard Audit Configuration Changes | Displays all configuration changes on the Guardium SQL Guard Audit database. |
303 | GPG13: Guardium SQL Guard Audit Logins | Displays all login attempts to the Guardium SQL Server Audit database. |
304 | GPG13: Guardium SQL Guard Audit Startup or Shutdown | Displays all startup and shutdown events on Guardium SQL Audit Server. |
305 | GPG13: Guardium SQL Guard Audit Data Access | Displays all select statements made on Guardium SQL Audit Server. |
306 | GPG13: Microsoft Operations Manager - Failed Windows Events | Displays summary of all failed access-related Windows events. |
307 | GPG13: Microsoft Operations Manager - Windows Accounts Activities | Displays all accounts activities on Windows servers to ensure authorized and appropriate access. |
308 | GPG13: Microsoft Operations Manager - Windows Accounts Changed | Displays all accounts changed on Windows servers to ensure authorized and appropriate access. |
309 | GPG13: Microsoft Operations Manager - Windows Accounts Created | Displays all accounts created on Windows servers to ensure authorized and appropriate access. |
310 | GPG13: Microsoft Operations Manager - Windows Accounts Enabled | Displays all accounts enabled on Windows servers to ensure authorized and appropriate access. |
311 | GPG13: Microsoft Operations Manager - Windows Events by Users | Displays a summary of access-related Windows events by source and target users. |
312 | GPG13: Microsoft Operations Manager - Windows Events Summary | Displays a summary of access-related Windows events by count. |
313 | GPG13: Microsoft Operations Manager - Windows Password Changes | Displays all password change activities on Windows servers to ensure authorized and appropriate access. |
314 | GPG13: Microsoft Operations Manager - Windows Permissions Modified | Displays all permission modification activities on Windows servers to ensure authorized access. |
315 | GPG13: Microsoft Operations Manager - Windows Policies Modified | Displays all policy modification activities on Windows servers to ensure authorized and appropriate access. |
316 | GPG13: Microsoft Operations Manager - Windows Servers Restarted | Displays all Windows server restart activities to detect unusual activities. |
317 | GPG13: Cisco PIX, ASA, FWSM Policy Changed | Displays all configuration changes made to the Cisco PIX, ASA, and FWSM devices. |
318 | GPG13: Cisco PIX, ASA, FWSM Failover Performed | Displays all logs related to performing a Cisco PIX, ASA, and FWSM failover. |
319 | GPG13: Cisco PIX, ASA, FWSM Failover Disabled | Displays all logs related to disabling Cisco PIX, ASA, and FWSM failover capability. |
320 | GPG13: Ports Allowed Access - PANOS | Displays all connections passed through the Palo Alto Networks by port. |
321 | GPG13: Ports Denied Access - PANOS | Displays the applications that have been denied access the most by the Palo Alto Networks. |
322 | GPG13: Unencrypted Network Services - PANOS | Displays Palo Alto Networks firewall traffic containing unencrypted network services. |
323 | GPG13: PANOS: Attacks by Event ID | Displays Palo Alto Networks attacks by Event ID. |
324 | GPG13: PANOS: Attacks by Threat Name | Displays Palo Alto Networks attacks by threat name. |
325 | GPG13: PANOS: Attacks Detected | Displays attacks detected by Palo Alto Networks. |
326 | GPG13: FortiOS: Attacks by Event ID | Displays FortiOS attacks by Event ID. |
327 | GPG13: FortiOS: Attacks Detected | Displays attacks detected by FortiOS. |
328 | GPG13: FortiOS: Attacks by Threat Name | Displays FortiOS attacks by threat name. |
329 | GPG13: FortiOS DLP Attacks Detected | Displays all DLP attacks detected by FortiOS. |
330 | GPG13: Ports Allowed Access - Juniper JunOS | Displays all connections passed through the Juniper JunOS by port. |
331 | GPG13: Unencrypted Network Services - Juniper JunOS | Displays Juniper JunOS firewall traffic containing unencrypted network services. |
332 | GPG13: Ports Denied Access - Juniper JunOS | Displays the applications that have been denied access the most by the Juniper JunOS. |
333 | GPG13: Symantec Endpoint Protection: Scans | Displays scans using Symantec Endpoint Protection. |
334 | GPG13: Symantec Endpoint Protection: Updated | Displays updates to Symantec Endpoint Protection. |
335 | GPG13: Symantec Endpoint Protection: Attacks by Threat Name | Displays Symantec Endpoint Protection attacks by threat name. |
336 | GPG13: Symantec Endpoint Protection: Attacks Detected | Displays attacks detected by Symantec Endpoint Protection. |
337 | GPG13: Denied Connections - Cisco NXOS | Displays all connections that have been denied by the Cisco NXOS devices. |
338 | GPG13: Cisco ISE, ACS Configuration Changes | Displays Cisco ISE and Cisco SecureACS configuration changes. |
339 | GPG13: Cisco ISE, ACS Password Changes | Displays all password change activities on Cisco ISE and Cisco SecureACS to ensure authorized and appropriate access. |
340 | GPG13: Cisco ISE, ACS Accounts Created | Displays all accounts created on Cisco ISE and Cisco SecureACS to ensure authorized and appropriate access. |
341 | GPG13: Cisco ISE, ACS Accounts Removed | Displays all accounts removed on Cisco ISE and Cisco SecureACS to ensure authorized and appropriate access. |
342 | GPG13: Ports Allowed Access - Cisco Netflow | Displays all connections passed through the Cisco Netflow by port. |
343 | GPG13: Unencrypted Network Services - Cisco Netflow | Displays Cisco Netflow traffic containing unencrypted network services. |
344 | GPG13: Email Source IP Sending To Most Recipients | Displays IP addresses that are sending to the most recipients using Exchange 2007/10. |
345 | GPG13: Sidewinder Configuration Changes | Displays Sidewinder configuration changes. |
346 | GPG13: Accounts Created on Sidewinder | Displays all accounts created on Sidewinder to ensure authorized and appropriate access. |
347 | GPG13: Accounts Deleted on Sidewinder | Displays all accounts deleted on Sidewinder to ensure authorized and appropriate access. |
348 | GPG13: Unencrypted Network Services - Sidewinder | Displays Sidewinder firewall traffic containing unencrypted network services. |
349 | GPG13: Denied Connections - Sidewinder | Displays all connections that have been denied by the Sidewinder devices. |
350 | GPG13: NetApp Filer Audit Logs Cleared | Displays all audit logs clearing activities on NetApp Filer Audit to detect access violations or unusual activity. |
351 | GPG13: Cisco ESA: Attacks by Event ID | Displays Cisco ESA attacks by Event ID. |
352 | GPG13: Cisco ESA: Attacks Detected | Displays attacks detected by Cisco ESA. |
353 | GPG13: Cisco ESA: Attacks by Threat Name | Displays Cisco ESA attacks by threat name. |
354 | GPG13: Cisco ESA: Updated | Displays updates to Cisco ESA. |
355 | GPG13: Cisco ESA: Scans | Displays scans using Cisco ESA. |
356 | GPG13: Ports Allowed Access - VMware vShield | Displays all connections passed through the VMware vShield by port. |
357 | GPG13: Ports Denied Access - VMware vShield | Displays the applications that have been denied access the most by the VMware vShield Edge. |
358 | GPG13: Unencrypted Network Services - VMware vShield | Displays VMware vShield firewall traffic containing unencrypted network services. |
359 | GPG13: Denied Connections - VMware vShield | Displays all connections that have been denied by the VMware vShield devices. |
360 | GPG13: DHCP Granted/Renewed Activities on VMware vShield | Displays all DHCP Granted/Renewed activities on VMware vShield Edge. |
361 | GPG13: DHCP Granted/Renewed Activities on Microsoft DHCP | Displays all DHCP Granted/Renewed activities on Microsoft DHCP Server. |
362 | GPG13: Applications Under Attack - Cisco IOS | Displays all applications under attack as well as the attack signatures by Cisco IOS. |
363 | GPG13: Attacks Detected - Cisco IOS | Displays all IDS attacks detected against servers and applications by Cisco IOS. |
364 | GPG13: Attackers by Service - Cisco IOS | Displays all attack source IP address and service ports by Cisco IOS. |
365 | GPG13: Attackers by Signature - Cisco IOS | Displays all attack source IP address and signatures by Cisco IOS. |
366 | GPG13: Sensors Generating Alerts - Cisco IOS | Displays the IDS sensors that generated the most alerts by Cisco IOS. |
367 | GPG13: Servers Under Attack - Cisco IOS | Displays all servers under attack by Cisco IOS. |
368 | GPG13: Source of Attacks - Cisco IOS | Displays the sources that have initiated the most attacks by Cisco IOS. |
369 | GPG13: Denied Connections - Cisco IOS | Displays all connections that have been denied by the Cisco IOS devices. |
370 | GPG13: Ports Allowed Access - Cisco IOS | Displays all connections passed through the Cisco IOS by port. |
371 | GPG13: Ports Denied Access - Cisco IOS | Displays the applications that have been denied access the most by the Cisco IOS. |
372 | GPG13: Unencrypted Network Services - Cisco IOS | Displays Cisco IOS firewall traffic containing unencrypted network services. |
373 | GPG13: Files Accessed through Juniper SSL VPN (Secure Access) | Displays all files accessed through Juniper SSL VPN (Secure Access). |
374 | GPG13: Juniper SSL VPN (Secure Access) Policy Changed | Displays all configuration changes to the Juniper SSL VPN (Secure Access) policies. |
375 | GPG13: DNS Server Error | Displays all events when DNS Server has errors. |
376 | GPG13: Juniper Firewall Policy Changed | Displays all configuration changes to the Juniper Firewall policies. |
377 | GPG13: Accounts Created on TIBCO Administrator | Displays all accounts created on TIBCO Administrator to ensure authorized and appropriate access. |
378 | GPG13: Accounts Deleted on TIBCO Administrator | Displays all accounts deleted on TIBCO Administrator to ensure authorized and appropriate access. |
379 | GPG13: Unencrypted Network Services - F5 BIG-IP TMOS | Displays F5 BIG-IP TMOS firewall traffic containing unencrypted network services. |
380 | GPG13: Denied Connections - F5 BIG-IP TMOS | Displays all connections that have been denied by the F5 BIG-IP TMOS devices. |
381 | GPG13: TIBCO Administrator Password Changes | Displays all password change activities on TIBCO Administrator to ensure authorized and appropriate access. |
382 | GPG13: TIBCO Administrator Permission Changes | Displays events related to TIBCO Administrator permission modifications. |
383 | GPG13: Accounts Changed on TIBCO Administrator | Displays all accounts changed on TIBCO Administrator to ensure authorized and appropriate access. |
384 | GPG13: Accounts Changed on NetApp Filer | Displays all accounts changed on NetApp Filer to ensure authorized and appropriate access. |
385 | GPG13: Accounts Created on NetApp Filer | Displays all accounts created on NetApp Filer to ensure authorized and appropriate access. |
386 | GPG13: Accounts Deleted on NetApp Filer | Displays all accounts deleted on NetApp Filer to ensure authorized and appropriate access. |
387 | GPG13: NetApp Filer File Activity | Displays all file activities on NetApp Filer. |
388 | GPG13: NetApp Filer Login Failed | Displays all NetApp Filer login events which have failed. |
389 | GPG13: NetApp Filer Login Successful | Displays all NetApp Filer login events which have succeeded. |
390 | GPG13: NetApp Filer Password Changes | Displays all password change activities on NetApp Filer to ensure authorized and appropriate access. |
391 | GPG13: Accounts Created on NetApp Filer Audit | Displays all accounts created on NetApp Filer Audit to ensure authorized and appropriate access. |
392 | GPG13: Accounts Deleted on NetApp Filer Audit | Displays all accounts deleted on NetApp Filer Audit to ensure authorized and appropriate access. |
393 | GPG13: Files Accessed on NetApp Filer Audit | Displays all files accessed on NetApp Filer Audit to ensure appropriate access. |
394 | GPG13: Group Activities on NetApp Filer Audit | Displays all group activities on NetApp Filer Audit to ensure authorized and appropriate access. |
395 | GPG13: NetApp Filer Audit Login Failed | Displays all NetApp Filer Audit login events which have failed. |
396 | GPG13: NetApp Filer Audit Login Successful | Displays all NetApp Filer Audit login events which have succeeded. |
397 | GPG13: NetApp Filer Audit Policies Modified | Displays all policy modification activities on NetApp Filer Audit to ensure authorized and appropriate access. |
398 | GPG13: Domain activities on Symantec Endpoint Protection | Displays all domain activities on Symantec Endpoint Protection. |
399 | GPG13: Symantec Endpoint Protection Policy Add, Remove, or Modify | Displays all events when a Symantec Endpoint Protection policy is added, removed, or modified. |
400 | GPG13: Symantec Endpoint Protection Configuration Changes | Displays Symantec Endpoint Protection configuration changes. |
401 | GPG13: Group Activities on Symantec Endpoint Protection | Displays all group activities on Symantec Endpoint Protection to ensure authorized and appropriate access. |
402 | GPG13: Symantec Endpoint Protection Password Changes | Displays all password change activities on Symantec Endpoint Protection to ensure authorized and appropriate access. |
403 | GPG13: Ports Allowed Access - F5 BIG-IP TMOS | Displays all connections passed through the F5 BIG-IP TMOS by port. |
404 | GPG13: Accounts Created on Symantec Endpoint Protection | Displays all accounts created on Symantec Endpoint Protection to ensure authorized and appropriate access. |
405 | GPG13: Accounts Deleted on Symantec Endpoint Protection | Displays all accounts deleted on Symantec Endpoint Protection to ensure authorized and appropriate access. |
406 | GPG13: Applications Under Attack - ISS SiteProtector | Displays all applications under attack as well as the attack signatures by ISS SiteProtector. |
407 | GPG13: Attacks Detected - ISS SiteProtector | Displays all IDS attacks detected against servers and applications by ISS SiteProtector. |
408 | GPG13: Attackers by Service - ISS SiteProtector | Displays all attack source IP address and service ports by ISS SiteProtector. |
409 | GPG13: Attackers by Signature - ISS SiteProtector | Displays all attack source IP address and signatures by ISS SiteProtector. |
410 | GPG13: Sensors Generating Alerts - ISS SiteProtector | Displays the IDS sensors that generated the most alerts by ISS SiteProtector. |
411 | GPG13: Servers Under Attack - ISS SiteProtector | Displays all servers under attack by ISS SiteProtector. |
412 | GPG13: Source of Attacks - ISS SiteProtector | Displays the sources that have initiated the most attacks by ISS SiteProtector. |
413 | GPG13: Applications Under Attack - SiteProtector | Displays all applications under attack as well as the attack signatures by SiteProtector. |
414 | GPG13: Attacks Detected - SiteProtector | Displays all IDS attacks detected against servers and applications by SiteProtector. |
415 | GPG13: Attackers by Service - SiteProtector | Displays all attack source IP address and service ports by SiteProtector. |
416 | GPG13: Attackers by Signature - SiteProtector | Displays all attack source IP address and signatures by SiteProtector. |
417 | GPG13: Sensors Generating Alerts - SiteProtector | Displays the IDS sensors that generated the most alerts by SiteProtector. |
418 | GPG13: Servers Under Attack - SiteProtector | Displays all servers under attack by SiteProtector. |
419 | GPG13: Source of Attacks - SiteProtector | Displays the sources that have initiated the most attacks by SiteProtector. |
420 | GPG13: Files Downloaded through Proxy - Microsoft IIS | Displays all proxy-based downloads to ensure authorized and appropriate access on Microsoft IIS. |
421 | GPG13: Files Uploaded through Proxy - Microsoft IIS | Displays all proxy-based uploads to ensure only authorized data can be uploaded on Microsoft IIS. |
422 | GPG13: Peer Servers and Status - Microsoft IIS | Displays all web servers providing data for cache servers and the status of requests on Microsoft IIS. |
423 | GPG13: Web URLs Visited through Proxy - Microsoft IIS | Displays URLs that have been visited through a proxy server on Microsoft IIS. |
424 | GPG13: Users Using the Proxies - Microsoft IIS | Displays users who have been surfing the web through the proxy servers on Microsoft IIS. |
425 | GPG13: Allowed URLs by Source IPs - Microsoft IIS | Displays successful access to URLs by source IP addresses on Microsoft IIS. |
426 | GPG13: Allowed URLs by Source Users - Microsoft IIS | Displays successful access to URLs by source users on Microsoft IIS. |
427 | GPG13: Blocked URLs by Source IPs - Microsoft IIS | Displays URLs that have been blocked by source IP addresses on Microsoft IIS. |
428 | GPG13: Blocked URLs by Source Users - Microsoft IIS | Displays URLs that have been blocked by source users on Microsoft IIS. |
429 | GPG13: Files Downloaded through the Web - Microsoft IIS | Displays all web-based downloads to ensure authorized and appropriate access on Microsoft IIS. |
430 | GPG13: Files Uploaded through the Web - Microsoft IIS | Displays all web-based uploads to ensure only authorized data can be uploaded on Microsoft IIS. |
431 | GPG13: Web URLs Visited - Microsoft IIS | Displays URLs that have been visited on Microsoft IIS. |
432 | GPG13: Web Access to Applications - Microsoft IIS | Displays all web-based access to applications to ensure appropriate and authorized access on Microsoft IIS. |
433 | GPG13: Web Access from All Users - Microsoft IIS | Displays all web-based access by all users for regular reviews and updates on Microsoft IIS. |
434 | GPG13: vCenter Orchestrator Virtual Machine Created | Virtual machine has been created from VMware vCenter Orchestrator. |
435 | GPG13: vCenter Orchestrator Virtual Machine Deleted | Virtual machine has been deleted from VMware vCenter Orchestrator. |
436 | GPG13: vCenter Orchestrator Datastore Events | Displays create, modify, and delete datastore events on VMware vCenter Orchestrator. |
437 | GPG13: vCenter Orchestrator Failed Logins | Displays all failed logins for VMWare vCenter Orchestrator. |
438 | GPG13: vCenter Orchestrator Data Move | Entity has been moved within the VMware vCenter Orchestrator infrastructure. |
439 | GPG13: vCenter Orchestrator Virtual Machine Shutdown | Virtual machine has been shutdown or paused from VMware vCenter Orchestrator console. |
440 | GPG13: vCenter Orchestrator Virtual Machine Started | Virtual machine has been started or resumed from VMware vCenter Orchestrator console. |
441 | GPG13: vCenter Orchestrator vSwitch Added, Changed or Removed | vSwitch has been added, modified or removed from VMware vCenter Orchestrator console. |
442 | GPG13: vCenter Orchestrator Change Attributes | Modification of VMware vCenter Orchestrator properties. |
443 | GPG13: Allowed URLs by Source IPs - F5 BIG-IP TMOS | Displays successful access to URLs by source IP addresses on F5 BIG-IP TMOS. |
444 | GPG13: Allowed URLs by Source Users - F5 BIG-IP TMOS | Displays successful access to URLs by source users on F5 BIG-IP TMOS. |
445 | GPG13: Blocked URLs by Source IPs - F5 BIG-IP TMOS | Displays URLs that have been blocked by source IP addresses on F5 BIG-IP TMOS. |
446 | GPG13: Blocked URLs by Source Users - F5 BIG-IP TMOS | Displays URLs that have been blocked by source users on F5 BIG-IP TMOS. |
447 | GPG13: Files Downloaded through the Web - F5 BIG-IP TMOS | Displays all web-based downloads ensure authorized and appropriate access on F5 BIG-IP TMOS. |
448 | GPG13: Files Uploaded through the Web - F5 BIG-IP TMOS | Displays all web-based uploads to ensure only authorized data can be uploaded on F5 BIG-IP TMOS. |
449 | GPG13: Web URLs Visited - F5 BIG-IP TMOS | Displays URLs that have been visited on F5 BIG-IP TMOS. |
450 | GPG13: Web Access to Applications - F5 BIG-IP TMOS | Displays all web-based access to applications to ensure appropriate and authorized access on F5 BIG-IP TMOS. |
451 | GPG13: Web Access from All Users - F5 BIG-IP TMOS | Displays all web-based access by all users for regular reviews and updates on F5 BIG-IP TMOS. |
452 | GPG13: F5 BIG-IP TMOS Login Failed | Displays all F5 BIG-IP TMOS login events which have failed. |
453 | GPG13: F5 BIG-IP TMOS Login Successful | Displays all F5 BIG-IP TMOS login events which have succeeded. |
454 | GPG13: F5 BIG-IP TMOS Password Changes | Displays all password change activities on F5 BIG-IP TMOS to ensure authorized and appropriate access. |
455 | GPG13: Files Uploaded through Proxy - Blue Coat | Displays all proxy-based uploads to ensure only authorized data can be uploaded on Blue Coat. |
456 | GPG13: Files Downloaded through Proxy - Blue Coat | Displays all proxy-based downloads to ensure authorized and appropriate access on Blue Coat. |
457 | GPG13: Peer Servers and Status - Blue Coat | Displays all web servers providing data for cache servers and the status of requests on Blue Coat. |
458 | GPG13: Users Using the Proxies - Blue Coat | Displays users who have been surfing the web through the proxy servers on Blue Coat. |
459 | GPG13: Web URLs Visited through Proxy - Blue Coat | Displays URLs that have been visited through a proxy server on Blue Coat. |
460 | GPG13: Attacks Detected - HIPS | Displays all IPS attacks detected against servers and applications. |
461 | GPG13: Servers Under Attack - HIPS | Displays all servers under attack. |
462 | GPG13: Source of Attacks - HIPS | Displays the sources that have initiated the most attacks. |
463 | GPG13: HP NonStop Audit Configuration Changes | Displays all audit configuration changes on HP NonStop. |
464 | GPG13: HP NonStop Audit Login Failed | Displays all HP NonStop Audit login events which have failed. |
465 | GPG13: HP NonStop Audit Login Successful | Displays all HP NonStop Audit login events which have succeeded. |
466 | GPG13: HP NonStop Audit Object Access | Displays HP NonStop Audit events related to object access. |
467 | GPG13: HP NonStop Audit Object Changes | Displays HP NonStop Audit events related to object changes. |
468 | GPG13: HP NonStop Audit Permissions Changed | Displays all permission modification activities on HP NonStop Audit to ensure authorized access. |
469 | GPG13: LogLogic Management Center Account Activities | Displays all accounts activities on LogLogic management center to ensure authorized and appropriate access. |
470 | GPG13: LogLogic Management Center Restore Activities | Displays all restore activities on LogLogic management center. |
471 | GPG13: LogLogic Management Center Backup Activities | Displays all backup activities on LogLogic management center. |
472 | GPG13: LogLogic Management Center Login | Displays all login events to the LogLogic management center. |
473 | GPG13: LogLogic Management Center Password Changes | Displays all password change activities on LogLogic management center to ensure authorized and appropriate access. |
474 | GPG13: LogLogic Management Center Upgrade Success | Displays all successful events related to the system's upgrade. |
475 | GPG13: LogLogic Universal Collector Configuration Changes | Displays LogLogic universal collector configuration changes. |
476 | GPG13: Sensors Generating Alerts - Sourcefire Defense Center | Displays the IDS sensors that generated the most alerts by Sourcefire Defense Center. |
477 | GPG13: Servers Under Attack - Sourcefire Defense Center | Displays all servers under attack by Sourcefire Defense Center. |
478 | GPG13: Source of Attacks - Sourcefire Defense Center | Displays the sources that have initiated the most attacks by Sourcefire Defense Center. |
479 | GPG13: Applications Under Attack - Sourcefire Defense Center | Displays all applications under attack as well as the attack signatures by Sourcefire Defense Center. |
480 | GPG13: Attackers by Service - Sourcefire Defense Center | Displays all attack source IP address and service ports by Sourcefire Defense Center. |
481 | GPG13: Attackers by Signature - Sourcefire Defense Center | Displays all attack source IP address and signatures by Sourcefire Defense Center. |
482 | GPG13: Attacks Detected - Sourcefire Defense Center | Displays all IDS attacks detected against servers and applications by Sourcefire Defense Center. |
483 | GPG13: Ports Allowed Access - Sidewinder | Displays all connections passed through the Sidewinder by port. |
484 | GPG13: Ports Denied Access - Sidewinder | Displays the applications that have been denied access the most by the Sidewinder. |
485 | GPG13: Files Downloaded through Proxy - Cisco WSA | Displays all proxy-based downloads to ensure authorized and appropriate access on Cisco WSA. |
486 | GPG13: Files Uploaded through Proxy - Cisco WSA | Displays all proxy-based uploads to ensure only authorized data can be uploaded on Cisco WSA. |
487 | GPG13: Peer Servers and Status - Cisco WSA | Displays all web servers providing data for cache servers and the status of requests on Cisco WSA. |
488 | GPG13: Users Using the Proxies - Cisco WSA | Displays users who have been surfing the web through the proxy servers on Cisco WSA. |
489 | GPG13: Web Access to Applications - PANOS | Displays all web-based access to applications to ensure appropriate and authorized access on Palo Alto Networks. |
490 | GPG13: Web URLs Visited - PANOS | Displays URLs that have been visited on Palo Alto Networks. |
491 | GPG13: Web Access from All Users - PANOS | Displays all web-based access by all users for regular reviews and updates on Palo Alto Networks. |
492 | GPG13: Files Accessed through PANOS | Displays all files accessed through Palo Alto Networks. |
493 | GPG13: Web Access to Applications - Fortinet | Displays all web-based access to applications to ensure appropriate and authorized access on Fortinet. |
494 | GPG13: Web URLs Visited - Fortinet | Displays URLs that have been visited on Fortinet. |
495 | GPG13: Web Access from All Users - Fortinet | Displays all web-based access by all users for regular reviews and updates on Fortinet. |
496 | GPG13: NetApp Filer Audit Group Members Deleted | Displays all accounts removed from groups on the NetApp Filer Audit to ensure appropriate access. |
497 | GPG13: Groups Created on NetApp Filer Audit | Displays all groups created on NetApp Filer Audit to ensure authorized and appropriate access. |
498 | GPG13: Groups Deleted on NetApp Filer Audit | Displays all groups deleted on NetApp Filer Audit to ensure authorized and appropriate access. |
499 | GPG13: NetApp Filer Audit Accounts Enabled | Displays all accounts enabled on NetApp Filer Audit to ensure authorized and appropriate access. |
500 | GPG13: NetApp Filer Audit Group Members Added | Displays all accounts added to groups on the NetApp Filer Audit to ensure appropriate access. |
501 | GPG13: Accounts Changed on TIBCO ActiveMatrix Administrator | Displays all accounts changed on TIBCO ActiveMatrix Administrator to ensure authorized and appropriate access. |
502 | GPG13: Accounts Created on TIBCO ActiveMatrix Administrator | Displays all accounts created on TIBCO ActiveMatrix Administrator to ensure authorized and appropriate access. |
503 | GPG13: Accounts Deleted on TIBCO ActiveMatrix Administrator | Displays all accounts deleted on TIBCO ActiveMatrix Administrator to ensure authorized and appropriate access. |
504 | GPG13: Group Activities on TIBCO ActiveMatrix Administrator | Displays all group activities on TIBCO ActiveMatrix Administrator to ensure authorized and appropriate access. |
505 | GPG13: Groups Created on TIBCO ActiveMatrix Administrator | Displays all groups created on TIBCO ActiveMatrix Administrator to ensure authorized and appropriate access. |
506 | GPG13: Groups Deleted on TIBCO ActiveMatrix Administrator | Displays all groups deleted on TIBCO ActiveMatrix Administrator to ensure authorized and appropriate access. |
507 | GPG13: TIBCO ActiveMatrix Administrator Failed Logins | Displays all TIBCO ActiveMatrix Administrator login events which have failed. |
508 | GPG13: TIBCO ActiveMatrix Administrator Permission Changes | Displays events related to TIBCO ActiveMatrix Administrator permission modifications. |
509 | GPG13: TIBCO ActiveMatrix Administrator Successful Logins | Displays successful logins to TIBCO ActiveMatrix Administrator to ensure only authorized personnel have access. |
510 | GPG13: Files Accessed Through Pulse Connect Secure | Displays all files accessed through Pulse Connect Secure. |
511 | GPG13: Sensors Generating Alerts - FireEye MPS | Displays the IDS sensors that generated the most alerts by FireEye MPS. |
512 | GPG13: Servers under Attacks - FireEye MPS | Displays all servers under attack by FireEye MPS. |
513 | GPG13: Source of Attacks - FireEye MPS | Displays the sources that have initiated the most attacks by FireEye MPS |
514 | GPG13: Applications Under Attack - FireEye MPS | Displays all applications under attack as well the attack signatures by FireEye MPS. |
515 | GPG13: Attackers by Signature - FireEye MPS | Displays all attack source IP address and signatures by FireEye MPS. |
516 | GPG13: Attackers by Service - FireEye MPS | Displays all attack source IP address and service ports by FireEye MPS. |
517 | GPG13: Files Downloaded via Proxy | Displays all proxy-based downloads to ensure authorized and appropriate access on Cisco WSA. |
518 | GPG13: Files Downloaded via Proxy - Blue Coat | Displays all proxy-based downloads to ensure authorized and appropriate access on Blue Coat. |
519 | GPG13: Files Downloaded via Proxy - Cisco WSA | Displays all proxy-based downloads to ensure authorized and appropriate access on Cisco WSA |
520 | GPG13: Files Downloaded via Proxy - Microsoft IIS | Displays all proxy-based downloads to ensure authorized and appropriate access on Microsoft IIS. |
521 | GPG13: Files Downloaded via the Web | Displays all web-based downloads ensure authorized and appropriate access. |
522 | GPG13: Files Downloaded via the Web - F5 BIG-IP TMOS | Displays all web-based downloads ensure authorized and appropriate access on F5 BIG-IP TMOS. |
523 | GPG13: Files Downloaded via the Web - Microsoft IIS | Displays all web-based downloads ensure authorized and appropriate access on Microsoft IIS. |
524 | GPG13: Files Uploaded via Proxy | Displays all proxy-based uploads to ensure only authorized data can be uploaded. |
525 | GPG13: Files Uploaded via Proxy - Blue Coat | Displays all proxy-based uploads to ensure only authorized data can be uploaded on Blue Coat. |
526 | GPG13: Files Uploaded via Proxy - Cisco WSA | Displays all proxy-based uploads to ensure only authorized data can be uploaded on Cisco WSA. |
527 | GPG13: Files Uploaded via Proxy - Microsoft IIS | Displays all proxy-based uploads to ensure only authorized data can be uploaded on Microsoft IIS. |
528 | GPG13: Files Uploaded via the web | Displays all web-based uploads to ensure only authorized data can be uploaded. |
529 | GPG13: Files Uploaded via the Web - F5 BIG-IP TMOS | Displays all web-based uploads to ensure only authorized data can be uploaded on F5 BIG-IP TMOS. |
530 | GPG13: Files Uploaded via the Web - Microsoft IIS | Displays all web-based uploads to ensure only authorized data can be uploaded on Microsoft IIS. |
531 | GPG13: FireEye MPS: Attacks by Event ID | Displays FireEye MPS attacks by Event ID. |
532 | GPG13: FireEye MPS: Attacks by Threat Name | Displays FireEye MPS attacks by threat name. |
533 | GPG13: FireEye MPS: Attacks Detected | Displays attacks detected by FireEye MPS. |
534 | GPG13: Pulse Connect Secure Failed Logins | Displays a report of all failed logins at the Pulse Connect Secure. |
535 | GPG13: Pulse Connect Secure Policy Change | Displays all configuration changes to the Pulse Connect Secure policies. |
536 | GPG13: Pulse Connect Secure Successful Logins | Displays all successfull logins through the Pulse Connect Secure. |
537 | GPG13: Web URLs Visited via Proxy | Displays URLs that have been visited via a proxy server. |
538 | GPG13: Web URLs Visited via Proxy - Blue Coat | Displays URLs that have been visited via a proxy server on Blue Coat. |
539 | GPG13: Web URLs Visited via Proxy - Cisco WSA | Displays URLs that have been visited via a proxy server on Cisco WSA. |
540 | GPG13: Web URLs Visited via Proxy - Microsoft IIS | Displays URLs that have been visited via a proxy server on Microsoft IIS. |
Copyright © Cloud Software Group, Inc. All rights reserved.