TIBCO LogLogic Reports for HIPAA
All TIBCO LogLogic reports can be used to monitor regular user activity, as well as the activity and results of system and network administrators.
| Serial Number | TIBCO LogLogic Report | Description |
|---|---|---|
| 1 | HIPAA: Accepted VPN Connections - RADIUS | Displays all users connected to the internal network through the RADIUS VPN. |
| 2 | HIPAA: Account Activities on UNIX Servers | Displays all accounts activities on UNIX servers to ensure authorized and appropriate access. |
| 3 | HIPAA: Account Activities on Windows Servers | Displays all accounts activities on Windows servers to ensure authorized and appropriate access. |
| 4 | HIPAA: Accounts Changed on NetApp Filer | Displays all accounts changed on NetApp Filer to ensure authorized and appropriate access. |
| 5 | HIPAA: Accounts Changed on TIBCO Administrator | Displays all accounts changed on TIBCO Administrator to ensure authorized and appropriate access. |
| 6 | HIPAA: Accounts Changed on TIBCO ActiveMatrix Administrator | Displays all accounts changed on TIBCO ActiveMatrix Administrator to ensure authorized and appropriate access. |
| 7 | HIPAA: Accounts Changed on UNIX Servers | Displays all accounts changed on UNIX servers to ensure authorized and appropriate access. |
| 8 | HIPAA: Accounts Changed on Windows Servers | Displays all accounts changed on Windows servers to ensure authorized and appropriate access. |
| 9 | HIPAA: Accounts Created on NetApp Filer | Displays all accounts created on NetApp Filer to ensure authorized and appropriate access. |
| 10 | HIPAA: Accounts Created on NetApp Filer Audit | Displays all accounts created on NetApp Filer Audit to ensure authorized and appropriate access. |
| 11 | HIPAA: Accounts Created on Sidewinder | Displays all accounts created on Sidewinder to ensure authorized and appropriate access. |
| 12 | HIPAA: Accounts Created on Symantec Endpoint Protection | Displays all accounts created on Symantec Endpoint Protection to ensure authorized and appropriate access. |
| 13 | HIPAA: Accounts Created on TIBCO Administrator | Displays all accounts created on TIBCO Administrator to ensure authorized and appropriate access. |
| 14 | HIPAA: Accounts Created on TIBCO ActiveMatrix Administrator | Displays all accounts created on TIBCO ActiveMatrix Administrator to ensure authorized and appropriate access. |
| 15 | HIPAA: Accounts Created on UNIX Servers | Displays all accounts created on UNIX servers to ensure authorized and appropriate access. |
| 16 | HIPAA: Accounts Created on Windows Servers | Displays all accounts created on Windows servers to ensure authorized and appropriate access. |
| 17 | HIPAA: Accounts Deleted on NetApp Filer | Displays all accounts deleted on NetApp Filer to ensure authorized and appropriate access. |
| 18 | HIPAA: Accounts Deleted on NetApp Filer Audit | Displays all accounts deleted on NetApp Filer Audit to ensure authorized and appropriate access. |
| 19 | HIPAA: Accounts Deleted on Sidewinder | Displays all accounts deleted on Sidewinder to ensure authorized and appropriate access. |
| 20 | HIPAA: Accounts Deleted on Symantec Endpoint Protection | Displays all accounts deleted on Symantec Endpoint Protection to ensure authorized and appropriate access. |
| 21 | HIPAA: Accounts Deleted on TIBCO Administrator | Displays all accounts deleted on TIBCO Administrator to ensure authorized and appropriate access. |
| 22 | HIPAA: Accounts Deleted on TIBCO ActiveMatrix Administrator | Displays all accounts deleted on TIBCO ActiveMatrix Administrator to ensure authorized and appropriate access. |
| 23 | HIPAA: Accounts Deleted on UNIX Servers | Displays all accounts deleted on UNIX servers to ensure authorized and appropriate access. |
| 24 | HIPAA: Accounts Deleted on Windows Servers | Displays all accounts deleted on Windows servers to ensure authorized and appropriate access. |
| 25 | HIPAA: Active Directory System Changes | Displays changes made within Active Directory. |
| 26 | HIPAA: Administrators Activities on Servers | Displays the latest activities performed by administrators and root users to ensure appropriate access. |
| 27 | HIPAA: Applications Under Attack | Displays all applications under attack as well as the attack signatures. |
| 28 | HIPAA: Applications Under Attack - Cisco IOS | Displays all applications under attack as well as the attack signatures by Cisco IOS. |
| 29 | HIPAA: Applications Under Attack - FireEye MPS | Displays all applications under attack as well as the attack signatures by FireEye MPS. |
| 30 | HIPAA: Applications Under Attack - ISS SiteProtector | Displays all applications under attack as well as the attack signatures by ISS SiteProtector. |
| 31 | HIPAA: Applications Under Attack - SiteProtector | Displays all applications under attack as well as the attack signatures by SiteProtector. |
| 32 | HIPAA: Applications Under Attack - Sourcefire Defense Center | Displays all applications under attack as well as the attack signatures by Sourcefire Defense Center. |
| 33 | HIPAA: Attacks Detected | Displays all IDS attacks detected against servers and applications. |
| 34 | HIPAA: Attacks Detected - Cisco IOS | Displays all IDS attacks detected against servers and applications by Cisco IOS. |
| 35 | HIPAA: Attacks Detected - HIPS | Displays all IPS attacks detected against servers and applications. |
| 36 | HIPAA: Attacks Detected - ISS SiteProtector | Displays all IDS attacks detected against servers and applications by ISS SiteProtector. |
| 37 | HIPAA: Attacks Detected - SiteProtector | Displays all IDS attacks detected against servers and applications by SiteProtector |
| 38 | HIPAA: Attacks Detected - Sourcefire Defense Center | Displays all IDS attacks detected against servers and applications by Sourcefire Defense Center |
| 39 | HIPAA: Attack Origins | Displays the sources that have initiated the most attacks. |
| 40 | HIPAA: Attack Origins - Cisco IOS | Displays the sources that have initiated the most attacks by Cisco IOS. |
| 41 | HIPAA: Attack Origins - HIPS | Displays the sources that have initiated the most attacks. |
| 42 | HIPAA: Attack Origins - ISS SiteProtector | Displays the sources that have initiated the most attacks by ISS SiteProtector. |
| 43 | HIPAA: Attack Origins - SiteProtector | Displays the sources that have initiated the most attacks by SiteProtector |
| 44 | HIPAA: Attack Origins - Sourcefire Defense Center | Displays the sources that have initiated the most attacks by Sourcefire Defense Center |
| 45 | HIPAA: Check Point Management Station Login | Displays all login events to the Check Point management station. |
| 46 | HIPAA: Check Point Management Station Logout | Displays all logoff events to the Check Point management station. |
| 47 | HIPAA: Check Point Object Activity | Displays all creation, deletion, and modification of Check Point objects. |
| 48 | HIPAA: Check Point Configuration Changes | Displays all Check Point audit events related to configuration changes. |
| 49 | HIPAA: Cisco ESA: Attacks by Event ID | Displays Cisco ESA attacks by Event ID. |
| 50 | HIPAA: Cisco ESA: Attacks Detected | Displays attacks detected by Cisco ESA. |
| 51 | HIPAA: Cisco ESA: Attacks by Threat Name | Displays Cisco ESA attacks by threat name. |
| 52 | HIPAA: Cisco ESA: Scans | Displays scans using Cisco ESA. |
| 53 | HIPAA: Cisco ESA: Updated | Displays updates to Cisco ESA. |
| 54 | HIPAA: Cisco ISE, ACS Accounts Created | Displays all accounts created on Cisco ISE and Cisco SecureACS to ensure authorized and appropriate access. |
| 55 | HIPAA: Cisco ISE, ACS Accounts Removed | Displays all accounts removed on Cisco ISE and Cisco SecureACS to ensure authorized and appropriate access. |
| 56 | HIPAA: Cisco ISE, ACS Configuration Changes | Displays Cisco ISE and Cisco SecureACS configuration changes. |
| 57 | HIPAA: Cisco ISE, ACS Password Changes | Displays all password change activities on Cisco ISE and Cisco SecureACS to ensure authorized and appropriate access. |
| 58 | HIPAA: Cisco PIX, ASA, FWSM Failover Disabled | Displays all logs related to disabling Cisco PIX, ASA, and FWSM failover capability. |
| 59 | HIPAA: Cisco PIX, ASA, FWSM Failover Performed | Displays all logs related to performing a Cisco PIX, ASA, and FWSM failover. |
| 60 | HIPAA: Cisco PIX, ASA, FWSM Restarted | Displays all Cisco PIX, ASA, or FWSM restart activities to detect unusual activities. |
| 61 | HIPAA: Cisco PIX, ASA, FWSM Routing Failure | Displays all Cisco PIX, ASA, and FWSM routing error messages. |
| 62 | HIPAA: Cisco PIX, ASA, FWSM Policy Changed | Displays all configuration changes made to the Cisco PIX, ASA, and FWSM devices. |
| 63 | HIPAA: Cisco Routers and Switches Restart | Displays all Cisco routers and switches restart activities to detect unusual activities. |
| 64 | HIPAA: Cisco Switch Policy Changes | Displays all configuration changes to the Cisco router and switch policies. |
| 65 | HIPAA: Creation and Deletion of System Level Objects: DB2 Database | Displays DB2 database events related to creation and deletion of system-level objects. |
| 66 | HIPAA: Creation and Deletion of System Level Objects: Oracle | Displays Oracle database events related to creation and deletion of system-level objects. |
| 67 | HIPAA: Creation and Deletion of System Level Objects: SQL Server | Displays Microsoft SQL Server events related to creation and deletion of system-level objects. |
| 68 | HIPAA: Creation and Deletion of System Level Objects: Windows | Displays all Windows events related to creation and deletion of system-level objects. |
| 69 | HIPAA: DB2 Database Configuration Changes | Displays DB2 database configuration changes. |
| 70 | HIPAA: DB2 Database Failed Logins | Displays all failed login attempts to review any access violations or unusual activity. |
| 71 | HIPAA: DB2 Database Successful Logins | Displays successful DB2 database logins. |
| 72 | HIPAA: DB2 Database User Additions and Deletions | Displays IBM DB2 Database events related to creation and deletion of database users. |
| 73 | HIPAA: Denied VPN Connections - RADIUS | Displays all users denied access to the internal network by the RADIUS VPN. |
| 74 | HIPAA: DHCP Granted/Renewed Activities on Microsoft DHCP | Displays all DHCP Granted or Renewed Activities on Microsoft DHCP Server. |
| 75 | HIPAA: DHCP Granted/Renewed Activities on VMware vShield | Displays all DHCP Granted or Renewed Activities on VMware vShield Edge. |
| 76 | HIPAA: DNS Server Error | Displays all events when DNS Server has errors. |
| 77 | HIPAA: Escalated Privilege Activities on Servers | Displays all privilege escalation activities performed on servers to ensure appropriate access. |
| 78 | HIPAA: ESX Accounts Activities | Displays all accounts activities on VMware ESX servers to ensure authorized and appropriate access. |
| 79 | HIPAA: ESX Accounts Created | Displays all accounts created on VMware ESX servers to ensure authorized and appropriate access. |
| 80 | HIPAA: ESX Accounts Deleted | Displays all accounts deleted on VMware ESX servers to ensure authorized and appropriate access. |
| 81 | HIPAA: ESX Failed Logins | Failed VMware ESX logins for known user. |
| 82 | HIPAA: ESX Group Activities | Displays all group activities on VMware ESX servers to ensure authorized and appropriate access. |
| 83 | HIPAA: ESX Kernel log daemon terminating | Displays all VMware ESX Kernel log daemon terminating. |
| 84 | HIPAA: ESX Kernel logging Stop | Displays all VMware ESX Kernel logging stops. |
| 85 | HIPAA: ESX Logins Failed Unknown User | Failed VMware ESX logins for unknown user. |
| 86 | HIPAA: ESX Logins Succeeded | Displays successful logins to VMware ESX to ensure only authorized personnel have access. |
| 87 | HIPAA: ESX Syslogd Restart | Displays all VMware ESX syslogd restarts. |
| 88 | HIPAA: F5 BIG-IP TMOS Login Failed | Displays all F5 BIG-IP TMOS login events which have failed. |
| 89 | HIPAA: F5 BIG-IP TMOS Login Successful | Displays all F5 BIG-IP TMOS login events which have succeeded. |
| 90 | HIPAA: F5 BIG-IP TMOS Password Changes | Displays all password change activities on F5 BIG-IP TMOS to ensure authorized and appropriate access. |
| 91 | HIPAA: F5 BIG-IP TMOS Restarted | Displays all events when the F5 BIG-IP TMOS has been restarted. |
| 92 | HIPAA: Failed Logins | Displays all failed login attempts to review any access violations or unusual activity. |
| 93 | HIPAA: Files Accessed on NetApp Filer Audit | Displays all files accessed on NetApp Filer Audit to ensure appropriate access. |
| 94 | HIPAA: Files Accessed on Servers | Displays all files accessed on servers to ensure appropriate access. |
| 95 | HIPAA: Files Accessed through Juniper SSL VPN (Secure Access) | Displays all files accessed through Juniper SSL VPN (Secure Access). |
| 96 | HIPAA: Files Accessed through PANOS | Displays all files accessed through Palo Alto Networks. |
| 97 | HIPAA: Files Accessed through Pulse Connect Secure | Displays all files accessed through Pulse Connect Secure. |
| 98 | HIPAA: FireEye MPS: Attacks Detected | Displays attacks detected by FireEye MPS. |
| 99 | HIPAA: FireEye MPS: Attacks by Event ID | Displays FireEye MPS attacks by Event ID. |
| 100 | HIPAA: FireEye MPS: Attacks by Threat Name | Displays FireEye MPS attacks by threat name. |
| 101 | HIPAA: Firewall Connections Accepted - Check Point | Displays all traffic passing through the Check Point firewall. |
| 102 | HIPAA: Firewall Connections Accepted - Cisco ASA | Displays all traffic passing through the Cisco ASA firewall. |
| 103 | HIPAA: Firewall Connections Accepted - Cisco FWSM | Displays all traffic passing through the Cisco FWSM firewall. |
| 104 | HIPAA: Firewall Connections Accepted - Cisco IOS | Displays all traffic passing through the Cisco IOS firewall. |
| 105 | HIPAA: Firewall Connections Accepted - Cisco Netflow | Displays all traffic passing through the Cisco Netflow. |
| 106 | HIPAA: Firewall Connections Accepted - Cisco NXOS | Displays all traffic passing through the Cisco NXOS device. |
| 107 | HIPAA: Firewall Connections Accepted - Cisco PIX | Displays all traffic passing through the Cisco PIX firewall. |
| 108 | HIPAA: Firewall Connections Accepted - F5 BIG-IP TMOS | Displays all traffic passing through the F5 BIG-IP TMOS device. |
| 109 | HIPAA: Firewall Connections Accepted - Fortinet | Displays all traffic passing through the Fortinet firewall. |
| 110 | HIPAA: Firewall Connections Accepted - Juniper Firewall | Displays all traffic passing through the Juniper Firewall. |
| 111 | HIPAA: Firewall Connections Accepted - Juniper JunOS | Displays all traffic passing through the Juniper JunOS firewall. |
| 112 | HIPAA: Firewall Connections Accepted - Juniper RT Flow | Displays all traffic passing through the Juniper RT Flow. |
| 113 | HIPAA: Firewall Connections Accepted - Nortel | Displays all traffic passing through the Nortel firewall. |
| 114 | HIPAA: Firewall Connections Accepted - PANOS | Displays all traffic passing through the Palo Alto Networks firewall. |
| 115 | HIPAA: Firewall Connections Accepted - Sidewinder | Displays all traffic passing through the Sidewinder firewall. |
| 116 | HIPAA: Firewall Connections Accepted - VMware vShield | Displays all traffic passing through the VMware vShield device. |
| 117 | HIPAA: Firewall Connections Denied - Check Point | Displays the applications that have been denied access the most by the Check Point devices. |
| 118 | HIPAA: Firewall Connections Denied - Cisco ASA | Displays the applications that have been denied access the most by the Cisco ASA devices. |
| 119 | HIPAA: Firewall Connections Denied - Cisco FWSM | Displays the applications that have been denied access the most by the Cisco FWSM devices. |
| 120 | HIPAA: Firewall Connections Denied - Cisco IOS | Displays the applications that have been denied access the most by the Cisco IOS. |
| 121 | HIPAA: Firewall Connections Denied - Cisco NXOS | Displays the applications that have been denied access the most by the Cisco NXOS devices. |
| 122 | HIPAA: Firewall Connections Denied - Cisco PIX | Displays the applications that have been denied access the most by the Cisco PIX devices. |
| 123 | HIPAA: Firewall Connections Denied - Cisco Router | Displays the applications that have been denied access the most by the Cisco Router. |
| 124 | HIPAA: Firewall Connections Denied - F5 BIG-IP TMOS | Displays the applications that have been denied access the most by the F5 BIG-IP TMOS. |
| 125 | HIPAA: Firewall Connections Denied - Fortinet | Displays the applications that have been denied access the most by the Fortinet devices. |
| 126 | HIPAA: Firewall Connections Denied - Juniper Firewall | Displays the applications that have been denied access the most by the Juniper Firewall. |
| 127 | HIPAA: Firewall Connections Denied - Juniper JunOS | Displays the applications that have been denied access the most by the Juniper JunOS. |
| 128 | HIPAA: Firewall Connections Denied - Juniper RT Flow | Displays the applications that have been denied access the most by the Juniper RT Flow. |
| 129 | HIPAA: Firewall Connections Denied - Nortel | Displays the applications that have been denied access the most by the Nortel devices. |
| 130 | HIPAA: Firewall Connections Denied - PANOS | Displays the applications that have been denied access the most by the Palo Alto Networks devices. |
| 131 | HIPAA: Firewall Connections Denied - Sidewinder | Displays the applications that have been denied access the most by the Sidewinder. |
| 132 | HIPAA: Firewall Connections Denied - VMware vShield | Displays the applications that have been denied access the most by the VMware vShield. |
| 133 | HIPAA: Firewall Traffic Considered Risky - Check Point | Displays Check Point allowed firewall traffic that is considered risky. |
| 134 | HIPAA: Firewall Traffic Considered Risky - Cisco ASA | Displays Cisco ASA allowed firewall traffic that is considered risky. |
| 135 | HIPAA: Firewall Traffic Considered Risky - Cisco FWSM | Displays Cisco FWSM allowed firewall traffic that is considered risky. |
| 136 | HIPAA: Firewall Traffic Considered Risky - Cisco IOS | Displays Cisco IOS allowed firewall traffic that is considered risky. |
| 137 | HIPAA: Firewall Traffic Considered Risky - Cisco Netflow | Displays Cisco Netflow allowed firewall traffic that is considered risky. |
| 138 | HIPAA: Firewall Traffic Considered Risky - Cisco PIX | Displays Cisco PIX allowed firewall traffic that is considered risky. |
| 139 | HIPAA: Firewall Traffic Considered Risky - F5 BIG-IP TMOS | Displays F5 BIG-IP TMOS allowed firewall traffic that is considered risky. |
| 140 | HIPAA: Firewall Traffic Considered Risky - Fortinet | Displays Fortinet allowed firewall traffic that is considered risky. |
| 141 | HIPAA: Firewall Traffic Considered Risky - Juniper Firewall | Displays Juniper Firewall allowed firewall traffic that is considered risky. |
| 142 | HIPAA: Firewall Traffic Considered Risky - Juniper JunOS | Displays Juniper JunOS allowed firewall traffic that is considered risky. |
| 143 | HIPAA: Firewall Traffic Considered Risky - Juniper RT Flow | Displays Juniper RT Flow allowed firewall traffic that is considered risky. |
| 144 | HIPAA: Firewall Traffic Considered Risky - Nortel | Displays Nortel allowed firewall traffic that is considered risky. |
| 145 | HIPAA: Firewall Traffic Considered Risky - PANOS | Displays Palo Alto Networks allowed firewall traffic that is considered risky. |
| 146 | HIPAA: Firewall Traffic Considered Risky - Sidewinder | Displays Sidewinder allowed firewall traffic that is considered risky. |
| 147 | HIPAA: Firewall Traffic Considered Risky - VMware vShield | Displays VMware vShield Edge allowed firewall traffic that is considered risky. |
| 148 | HIPAA: FortiOS: Attacks by Event ID | Displays FortiOS attacks by Event ID. |
| 149 | HIPAA: FortiOS: Attacks by Threat Name | Displays FortiOS attacks by threat name. |
| 150 | HIPAA: FortiOS: Attacks Detected | Displays attacks detected by FortiOS. |
| 151 | HIPAA: FortiOS DLP Attacks Detected | Displays all DLP attacks detected by FortiOS. |
| 152 | HIPAA: Group Activities on UNIX Servers | Displays all group activities on UNIX servers to ensure authorized and appropriate access. |
| 153 | HIPAA: Group Activities on Windows Servers | Displays all group activities on Windows servers to ensure authorized and appropriate access. |
| 154 | HIPAA: Guardium SQL Guard Audit Configuration Changes | Displays all configuration changes on the Guardium SQL Guard Audit database. |
| 155 | HIPAA: Guardium SQL Guard Audit Data Access | Displays all select statements made on Guardium SQL Audit Server. |
| 156 | HIPAA: Guardium SQL Guard Audit Logins | Displays all login attempts to the Guardium SQL Server Audit database. |
| 157 | HIPAA: Guardium SQL Guard Configuration Changes | Displays all configuration changes on the Guardium SQL Guard database. |
| 158 | HIPAA: Guardium SQL Guard Data Access | Displays all select statements made on Guardium SQL Server. |
| 159 | HIPAA: Guardium SQL Guard Logins | Displays all login attempts to the Guardium SQL Server database. |
| 160 | HIPAA: Group Activities on NetApp Filer Audit | Displays all group activities on NetApp Filer Audit to ensure authorized and appropriate access. |
| 161 | HIPAA: Group Activities on Symantec Endpoint Protection | Displays all group activities on Symantec Endpoint Protection to ensure authorized and appropriate access. |
| 162 | HIPAA: Group Activities on TIBCO ActiveMatrix Administrator | Displays all group activities on TIBCO ActiveMatrix Administrator to ensure authorized and appropriate access. |
| 163 | HIPAA: HP NonStop Audit Configuration Changes | Displays all audit configuration changes on HP NonStop. |
| 164 | HIPAA: HP NonStop Audit Login Failed | Displays all HP NonStop Audit login events which have failed. |
| 165 | HIPAA: HP NonStop Audit Login Successful | Displays all HP NonStop Audit login events which have succeeded. |
| 166 | HIPAA: HP NonStop Audit Object Changes | Displays HP NonStop Audit events related to object changes. |
| 167 | HIPAA: HP NonStop Audit Permissions Changed | Displays all permission modification activities on HP NonStop Audit to ensure authorized access. |
| 168 | HIPAA: i5/OS DST Password Reset | Displays i5/OS events related to the reset of the DST (Dedicated Service Tools) password. |
| 169 | HIPAA: i5/OS Files Accessed | Lists all events when a user gains access an i5/OS file. |
| 170 | HIPAA: i5/OS Network User Login Failed | Lists all events when a network user was denied access into the i5/OS. |
| 171 | HIPAA: i5/OS Network User Login Successful | Lists all events when a network user successfully logs into the i5/OS. |
| 172 | HIPAA: i5/OS Network User Profile Creation | Displays i5/OS events when a network user profile has been created. |
| 173 | HIPAA: i5/OS Network User Profile Deletion | Displays i5/OS events when a network user profile has been deleted. |
| 174 | HIPAA: i5/OS Network User Profile Modified | Displays i5/OS events when a network user profile has been modified. |
| 175 | HIPAA: i5/OS Object Permissions Modified | Displays all permission modification activities on i5/OS to ensure authorized access. |
| 176 | HIPAA: i5/OS Restarted | Lists all events when the i5/OS has been restarted. |
| 177 | HIPAA: i5/OS Service Started | Lists all events when a user starts a service on the i5/OS. |
| 178 | HIPAA: i5/OS User Login Failed | Lists all events when a user was denied access into the i5/OS. |
| 179 | HIPAA: i5/OS User Login Successful | Lists all events when a user successfully logs into the i5/OS. |
| 180 | HIPAA: i5/OS User Profile Creation | Displays i5/OS events when a user profile has been created. |
| 181 | HIPAA: i5/OS User Profile Modifications | Displays i5/OS events when a user profile has been modified. |
| 182 | HIPAA: Juniper Firewall HA State Changed | Displays all Juniper Firewall fail-over state change events. |
| 183 | HIPAA: Juniper Firewall Policy Changed | Displays all configuration changes to the Juniper Firewall policies. |
| 184 | HIPAA: Juniper Firewall Policy Out of Sync | Displays events that indicate the Juniper Firewall's HA policies are out of sync. |
| 185 | HIPAA: Juniper Firewall Reset Accepted | Displays events that indicate the Juniper Firewall has been reset to its factory default state. |
| 186 | HIPAA: Juniper Firewall Reset Imminent | Displays events that indicate the Juniper Firewall is reset to its factory default state. |
| 187 | HIPAA: Juniper SSL VPN (Secure Access) Policy Changed | Displays all configuration changes to the Juniper SSL VPN (Secure Access) policies. |
| 188 | HIPAA: Juniper SSL VPN (Secure Access) Successful Logins by IP | Displays all successful Juniper SSL VPN (Secure Access) logins based on IP address. |
| 189 | HIPAA: Juniper SSL VPN (Secure Access) Successful Logins by User | Displays all successful Juniper SSL VPN (Secure Access) logins based on user. |
| 190 | HIPAA: Juniper SSL VPN Successful Logins by IP | Displays all successful Juniper SSL VPN logins based on IP address. |
| 191 | HIPAA: Juniper SSL VPN Successful Logins by User | Displays all successful Juniper SSL VPN logins based on user. |
| 192 | HIPAA: Logins by Authentication Type | Displays all logins categorized by the authentication type. |
| 193 | HIPAA: LogLogic Disk Full | Displays events that indicate the LogLogic appliance's disk is near full. |
| 194 | HIPAA: LogLogic DSM Configuration Changes | Displays all configuration changes on the LogLogic DSM database. |
| 195 | HIPAA: LogLogic DSM Data Access | Displays all select statements made on LogLogic DSM database. |
| 196 | HIPAA: LogLogic DSM Logins | Displays all login attempts to the LogLogic DSM database. |
| 197 | HIPAA: LogLogic File Retrieval Errors | Displays all errors while retrieving log files from devices, servers and applications. |
| 198 | HIPAA: LogLogic HA State Changed | Displays all LogLogic appliance failover state change events. |
| 199 | HIPAA: LogLogic Management Center Account Activities | Displays all accounts activities on LogLogic management center to ensure authorized and appropriate access. |
| 200 | HIPAA: LogLogic Management Center Login | Displays all login events to the LogLogic management center. |
| 201 | HIPAA: LogLogic Management Center Password Changes | Displays all password change activities on LogLogic management center to ensure authorized and appropriate access. |
| 202 | HIPAA: LogLogic Management Center Upgrade Success | Displays all successful events related to the system's upgrade. |
| 203 | HIPAA: LogLogic Universal Collector Configuration Changes | Displays LogLogic universal collector configuration changes. |
| 204 | HIPAA: LogLogic Message Routing Errors | Displays all log forwarding errors on the LogLogic appliance to ensure all logs are archived properly. |
| 205 | HIPAA: McAfee AntiVirus: Attacks by Event ID | Displays McAfee AntiVirus attacks by Event ID. |
| 206 | HIPAA: McAfee AntiVirus: Attacks by Threat Name | Displays McAfee AntiVirus attacks by threat name. |
| 207 | HIPAA: McAfee AntiVirus: Attacks Detected | Displays attacks detected by McAfee AntiVirus. |
| 208 | HIPAA: Microsoft Operations Manager - Windows Accounts Activities | Displays all accounts activities on Windows servers to ensure authorized and appropriate access. |
| 209 | HIPAA: Microsoft Operations Manager - Windows Accounts Created | Displays all accounts created on Windows servers to ensure authorized and appropriate access. |
| 210 | HIPAA: Microsoft Operations Manager - Windows Accounts Enabled | Displays all accounts enabled on Windows servers to ensure authorized and appropriate access. |
| 211 | HIPAA: Microsoft Operations Manager - Windows Password Changes | Displays all password change activities on Windows servers to ensure authorized and appropriate access. |
| 212 | HIPAA: Microsoft Operations Manager - Windows Permissions Modified | Displays all permission modification activities on Windows servers to ensure authorized access. |
| 213 | HIPAA: Microsoft Operations Manager - Windows Policies Modified | Displays all policy modification activities on Windows servers to ensure authorized and appropriate access. |
| 214 | HIPAA: Microsoft Operations Manager - Windows Servers Restarted | Displays all Windows server restart activities to detect unusual activities. |
| 215 | HIPAA: Microsoft Sharepoint Content Deleted | Displays all events when content has been deleted from Microsoft Sharepoint. |
| 216 | HIPAA: Microsoft Sharepoint Content Updates | Displays all events when content is updated within Microsoft Sharepoint. |
| 217 | HIPAA: Microsoft Sharepoint Permissions Changed | Displays all user and group permission events to Microsoft Sharepoint. |
| 218 | HIPAA: Microsoft Sharepoint Policy Add, Remove, or Modify | Displays all events when a Microsoft Sharepoint policy is added, removed, or modified. |
| 219 | HIPAA: Microsoft SQL Server Configuration Changes | Displays Microsoft SQL database configuration changes. |
| 220 | HIPAA: Microsoft SQL Server Data Access | Displays data access events on Microsoft SQL Server databases. |
| 221 | HIPAA: Microsoft SQL Server Database Failed Logins | Displays failed Microsoft SQL Server database logins. |
| 222 | HIPAA: Microsoft SQL Server Database Successful Logins | Displays successful Microsoft SQL Server database logins. |
| 223 | HIPAA: Microsoft SQL Server Database Permission Events | Displays events related to Microsoft SQL Server database permission modifications. |
| 224 | HIPAA: Microsoft SQL Server Database User Additions and Deletions | Displays Microsoft SQL Server events related to creation and deletion of database users. |
| 225 | HIPAA: Microsoft SQL Server Password Changes | Displays password changes for Microsoft SQL Server database accounts. |
| 226 | HIPAA: Most Active Ports Through Firewall - Check Point | Displays the most active ports used through the Check Point firewall. |
| 227 | HIPAA: Most Active Ports Through Firewall - Cisco ASA | Displays the most active ports used through the Cisco ASA firewall. |
| 228 | HIPAA: Most Active Ports Through Firewall - Cisco FWSM | Displays the most active ports used through the Cisco FWSM firewall. |
| 229 | HIPAA: Most Active Ports Through Firewall - Cisco PIX | Displays the most active ports used through the Cisco PIX firewall. |
| 230 | HIPAA: Most Active Ports Through Firewall - Fortinet | Displays the most active ports used through the Fortinet firewall. |
| 231 | HIPAA: Most Active Ports Through Firewall - Juniper Firewall | Displays the most active ports used through the Juniper Firewall. |
| 232 | HIPAA: Most Active Ports Through Firewall - Nortel | Displays the most active ports used through the Nortel firewall. |
| 233 | HIPAA: NetApp Filer Audit Logs Cleared | Displays all audit logs clearing activities on NetApp Filer Audit to detect access violations or unusual activity. |
| 234 | HIPAA: NetApp Filer Audit Accounts Enabled | Displays all accounts enabled on NetApp Filer Audit to ensure authorized and appropriate access. |
| 235 | HIPAA: NetApp Filer Accounts Locked | Displays all accounts locked out of NetApp Filer to detect access violations or unusual activities. |
| 236 | HIPAA: NetApp Filer Audit Login Failed | Displays all NetApp Filer Audit login events which have failed. |
| 237 | HIPAA: NetApp Filer Audit Login Successful | Displays all NetApp Filer Audit login events which have succeeded. |
| 238 | HIPAA: NetApp Filer Audit Policies Modified | Displays all policy modification activities on NetApp Filer Audit to ensure authorized and appropriate access. |
| 239 | HIPAA: NetApp Filer File Activity | Displays all file activities on NetApp Filer. |
| 240 | HIPAA: NetApp Filer Login Failed | Displays all NetApp Filer login events which have failed. |
| 241 | HIPAA: NetApp Filer Login Successful | Displays all NetApp Filer login events which have succeeded. |
| 242 | HIPAA: NetApp Filer Password Changes | Displays all password change activities on NetApp Filer to ensure authorized and appropriate access. |
| 243 | HIPAA: NetApp Filer Snapshot Error | Displays events that indicate backup on the NetApp Filer has failed. |
| 244 | HIPAA: Oracle Database Failed Logins | Displays all failed login attempts to the Oracle database. |
| 245 | HIPAA: Oracle Database Configuration Changes | Displays Oracle database configuration changes. |
| 246 | HIPAA: Oracle Database Data Access | Displays data access events on Oracle databases. |
| 247 | HIPAA: Oracle Database Successful Logins | Displays successful Oracle database logins. |
| 248 | HIPAA: Oracle Database Permission Events | Displays events related to Oracle Server database role and privilege management. |
| 249 | HIPAA: Oracle Database User Additions and Deletions | Displays Oracle database events related to creation and deletion of database users. |
| 250 | HIPAA: PANOS: Attacks by Event ID | Displays Palo Alto Networks attacks by Event ID. |
| 251 | HIPAA: PANOS: Attacks by Threat Name | Displays Palo Alto Networks attacks by threat name. |
| 252 | HIPAA: PANOS: Attacks Detected | Displays attacks detected by Palo Alto Networks. |
| 253 | HIPAA: Password Changes on Windows Servers | Displays all password change activities on Windows servers to ensure authorized and appropriate access. |
| 254 | HIPAA: Periodic Review of Log Reports | Displays all review activities performed by administrators to ensure review for any access violations. |
| 255 | HIPAA: Periodic Review of User Access Logs | Displays all review activities performed by administrators to ensure review for any access violations. |
| 256 | HIPAA: Permissions Modified on Windows Servers | Displays all permission modification activities on Windows servers to ensure authorized access. |
| 257 | HIPAA: Policies Modified on Windows Servers | Displays all policy modification activities on Windows Servers to ensure authorized and appropriate access. |
| 258 | HIPAA: Pulse Connect Secure Policy Changed | Displays all configuration changes to the Pulse Connect Secure policies. |
| 259 | HIPAA: Pulse Connect Secure Successful Logins by IP | Displays all successful Pulse Connect Secure logins based on IP address. |
| 260 | HIPAA: Pulse Connect Secure Successful Logins by User | Displays all successful Pulse Connect Secure logins based on user. |
| 261 | HIPAA: Proxy Access to Applications | Displays all proxy-based access to applications to ensure appropriate and authorized access. |
| 262 | HIPAA: Proxy Access to Applications - Blue Coat Proxy | Displays all proxy-based access to applications to ensure appropriate and authorized access on Blue Coat Proxy. |
| 263 | HIIPAA: Proxy Access to Applications - Cisco WSA | Displays all proxy-based access to applications and authorized access on Cisco WSA. |
| 264 | HIPAA: Proxy Access to Applications - Microsoft IIS | Displays all proxy-based access to applications to ensure appropriate and authorized access on Microsoft IIS. |
| 265 | HIPAA: RACF Accounts Created | Displays all accounts created on RACF servers to ensure authorized and appropriate access. |
| 266 | HIPAA: RACF Accounts Deleted | Displays all accounts deleted on RACF servers to ensure authorized and appropriate access. |
| 267 | HIPAA: RACF Accounts Modified | Displays all events when a network user profile has been modified. |
| 268 | HIPAA: RACF Failed Logins | Displays all failed login attempts to review any access violations or unusual activity. |
| 269 | HIPAA: RACF Files Accessed | Displays all files accessed on RACF servers to ensure appropriate access. |
| 270 | HIPAA: RACF Password Changed | Displays all password change activities on RACF servers to ensure authorized and appropriate access. |
| 271 | HIPAA: RACF Permissions Changed | Displays all permission modification activities on RACF to ensure authorized access. |
| 272 | HIPAA: RACF Process Started | Displays all processes started on the RACF servers. |
| 273 | HIPAA: RACF Successful Logins | Displays successful logins to ensure only authorized personnel have access. |
| 274 | HIPAA: Sidewinder Configuration Changes | Displays Sidewinder configuration changes. |
| 275 | HIPAA: Software Update Successes on i5/OS | Displays all i5/OS successful events related to the system's software or patch update. |
| 276 | HIPAA: Successful Logins | Displays successful logins to ensure only authorized personnel have access. |
| 277 | HIPAA: Sybase ASE Database Configuration Changes | Displays configuration changes to the Sybase database. |
| 278 | HIPAA: Sybase ASE Database Data Access | Displays Sybase ASE events involving the SELECT statement. |
| 279 | HIPAA: Sybase ASE Database User Additions and Deletions | Displays Sybase database events related to creation and deletion of database users. |
| 280 | HIPAA: Sybase ASE Failed Logins | Displays failed Sybase ASE database logins. |
| 281 | HIPAA: Sybase ASE Successful Logins | Displays successful Sybase ASE database logins. |
| 282 | HIPAA: Symantec AntiVirus: Attacks by Threat Name | Displays Symantec AntiVirus attacks by threat name. |
| 283 | HIPAA: Symantec AntiVirus: Attacks Detected | Displays attacks detected by Symantec AntiVirus. |
| 284 | HIPAA: Symantec AntiVirus: Scans | Displays scans using Symantec AntiVirus. |
| 285 | HIPAA: Symantec AntiVirus: Updated | Displays updates to Symantec AntiVirus. |
| 286 | HIPAA: Symantec Endpoint Protection: Attacks by Threat Name | Displays Symantec Endpoint Protection attacks by threat name. |
| 287 | HIPAA: Symantec Endpoint Protection: Attacks Detected | Displays attacks detected by Symantec Endpoint Protection. |
| 288 | HIPAA: Symantec Endpoint Protection Configuration Changes | Displays Symantec Endpoint Protection configuration changes. |
| 289 | HIPAA: Symantec Endpoint Protection Password Changes | Displays all password change activities on Symantec Endpoint Protection to ensure authorized and appropriate access. |
| 290 | HIPAA: Symantec Endpoint Protection Policy Add, Remove, or Modify | Displays all events when a Symantec Endpoint Protection policy is added, removed, or modified. |
| 291 | HIPAA: Symantec Endpoint Protection: Scans | Displays scans using Symantec Endpoint Protection. |
| 292 | HIPAA: Symantec Endpoint Protection: Updated | Displays updates to Symantec Endpoint Protection. |
| 293 | HIPAA: System Restarted | Displays all logs related to system restarts. |
| 294 | HIPAA: TIBCO Administrator Password Changes | Displays all password change activities on TIBCO Administrator to ensure authorized and appropriate access. |
| 295 | HIPAA: TIBCO Administrator Permission Changes | Displays events related to TIBCO Administrator permission modifications. |
| 296 | HIPAA: TIBCO ActiveMatrix Administrator Permission Changes | Displays events related to TIBCO ActiveMatrix Administrator permission modifications. |
| 297 | HIPAA: TIBCO ActiveMatrix Administrator Failed Logins | Displays all TIBCO ActiveMatrix Administrator login events which have failed. |
| 298 | HIPAA: TIBCO ActiveMatrix Administrator Successful Logins | Displays successful logins to TIBCO ActiveMatrix Administrator to ensure only authorized personnel have access. |
| 299 | HIPAA: TrendMicro OfficeScan: Attacks Detected | Displays attacks detected by TrendMicro OfficeScan. |
| 300 | HIPAA: TrendMicro OfficeScan: Attacks Detected by Threat Name | Displays attacks detected by TrendMicro OfficeScan by threat name. |
| 301 | HIPAA: TrendMicro Control Manager: Attacks Detected | Displays attacks detected by TrendMicro Control Manager. |
| 302 | HIPAA: TrendMicro Control Manager: Attacks Detected by Threat Name | Displays attacks detected by TrendMicro Control Manager by threat name. |
| 303 | HIPAA: Unauthorized Logins | Displays all logins from unauthorized users to ensure appropriate access to data. |
| 304 | HIPAA: UNIX Failed Logins | Displays failed UNIX logins for known and unknown users. |
| 305 | HIPAA: vCenter Change Attributes | Displays information about modification of VMware vCenter and VMware ESX properties. |
| 306 | HIPAA: vCenter Data Move | Displays information about an entity that has been moved within the VMware vCenter infrastructure. |
| 307 | HIPAA: vCenter Datastore Events | Displays create, modify, and delete datastore events on VMware vCenter. |
| 308 | HIPAA: vCenter Failed Logins | Displays failed logins to the VMware vCenter console. |
| 309 | HIPAA: vCenter Modify Firewall Policy | Displays changes to the VMware ESX allowed services firewall policy. |
| 310 | HIPAA: vCenter Orchestrator Change Attributes | Displays information about modification of VMware vCenter Orchestrator properties. |
| 311 | HIPAA: vCenter Orchestrator Datastore Events | Displays create, modify, and delete datastore events on VMware vCenter Orchestrator. |
| 312 | HIPAA: vCenter Orchestrator Data Move | Displays information about an entity that has been moved within the VMware vCenter Orchestrator infrastructure. |
| 313 | HIPAA: vCenter Orchestrator Failed Logins | Displays all failed logins for VMware vCenter Orchestrator. |
| 314 | HIPAA: vCenter Orchestrator Virtual Machine Created | Displays information about a Virtual machine that has been created from VMware vCenter Orchestrator. |
| 315 | HIPAA: vCenter Orchestrator Virtual Machine Deleted | Displays information about a Virtual machine that has been deleted from VMware vCenter Orchestrator. |
| 316 | HIPAA: vCenter Orchestrator Virtual Machine Shutdown | Displays information about a Virtual machine that has been shutdown or paused from VMware vCenter Orchestrator console. |
| 317 | HIPAA: vCenter Orchestrator Virtual Machine Started | Displays information about a Virtual machine that has been started or resumed from VMware vCenter Orchestrator console. |
| 318 | HIPAA: vCenter Orchestrator vSwitch Added, Changed or Removed | Displays information about a vSwitch that has been added, modified or removed from VMware vCenter Orchestrator console. |
| 319 | HIPAA: vCenter Resource Usage Change | Displays information about resources that have changed on VMware vCenter. |
| 320 | HIPAA: vCenter Restart ESX Services | Displays information when VMware vCenter restarted services are running on VMware ESX Server. |
| 321 | HIPAA: vCenter Shutdown or Restart of ESX Server | Displays information when VMware ESX Server is shutdown or restarted from VMware vCenter console. |
| 322 | HIPAA: vCenter Successful Logins | Displays information about successful logins to the VMware vCenter console. |
| 323 | HIPAA: vCenter User Permission Change | Displays information about a permission role that has been added, changed, removed, or applied to a user on VMware vCenter server. |
| 324 | HIPAA: vCenter Virtual Machine Created | Displays information about a Virtual machine that has been created from a VMware vCenter console. |
| 325 | HIPAA: vCenter Virtual Machine Deleted | Displays information about a Virtual machine that has been deleted or removed from VMware vCenter console. |
| 326 | HIPAA: vCenter Virtual Machine Shutdown | Displays information about a Virtual machine that has been shutdown or paused from VMware vCenter console. |
| 327 | HIPAA: vCenter Virtual Machine Started | Displays information about a Virtual machine that has been started or resumed from VMware vCenter console. |
| 328 | HIPAA: vCenter vSwitch Added, Changed or Removed | Displays information about a vSwitch on VMware ESX server that has been added, modified, or removed from the VMware vCenter console. |
| 329 | HIPAA: vCloud Failed Logins | Displays failed logins to the VMware vCloud Director console. |
| 330 | HIPAA: vCloud Organization Created | Displays events created on Vmware vCloud Director organization. |
| 331 | HIPAA: vCloud Organization Deleted | Displays events deleted from VMware vCloud Director organization. |
| 332 | HIPAA: vCloud Organization Modified | Displays modified events of VMware vCloud Director organization. |
| 333 | HIPAA: vCloud Successful Logins | Displays successful logins to the VMware vCloud Director console. |
| 334 | HIPAA: vCloud User Created | Displays user-created events on VMware vCloud Director. |
| 335 | HIPAA: vCloud User Deleted or Removed | Displays users that have been deleted or removed from VMware vCloud Director. |
| 336 | HIPAA: vCloud vApp Created, Modified, or Deleted | Displays events created, modified, or deleted on VMware vCloud Director vApp. |
| 337 | HIPAA: vCloud vDC Created, Modified, or Deleted | Displays events created, modified, or deleted on the VMware vCloud Director virtual datacenter. |
| 338 | HIPAA: vShield Edge Configuration Changes | Displays changes to VMware vShield Edge policies. |
| 339 | HIPAA: VPN Sessions by Source IPs | Displays all VPN sessions categorized by source IP addresses. |
| 340 | HIPAA: VPN Users Accessing Corporate Network | Displays all users logging into the corporate network through Virtual Private Network to ensure appropriate access. |
| 341 | HIPAA: Web Access to Applications | Displays all web-based access to applications to ensure appropriate and authorized access. |
| 342 | HIPAA: Web Access to Applications - F5 BIG-IP TMOS | Displays all web-based access to applications to ensure appropriate and authorized access on F5 BIG-IP TMOS. |
| 343 | HIPAA: Web Access to Applications - Fortinet | Displays all web-based access to applications to ensure appropriate and authorized access on Fortinet. |
| 344 | HIPAA: Web Access to Applications - PANOS | Displays all web-based access to applications to ensure appropriate and authorized access on Palo Alto Networks. |
| 345 | HIPAA: Web Access to Applications - Microsoft IIS | Displays all web-based access to applications to ensure appropriate and authorized access on Microsoft IIS. |
| 346 | HIPAA: Windows Accounts Enabled | Displays all accounts enabled on Windows servers to ensure authorized and appropriate access. |
| 347 | HIPAA: Windows Accounts Locked | Displays all accounts locked out of Windows servers to detect access violations or unusual activities. |
| 348 | HIPAA: Windows Audit Logs Cleared | Displays all audit logs clearing activities on Windows servers to detect access violations or unusual activity. |
| 349 | HIPAA: Windows New Services Installed | Displays a list of new services installed on Windows Servers to ensure authorized access. |
| 350 | HIPAA: Windows Servers Restarted | Displays all Windows server restart activities to detect unusual activities. |
| 351 | HIPAA: Windows Software Update Activities | Displays all events related to the system’s software or patch update. |
| 352 | HIPAA: Windows Software Update Failures | Displays all failed events related to the system’s software or patch update. |
| 353 | HIPAA: Windows Software Update Successes | Displays all successful events related to the system’s software or patch update. |
| 354 | HIPAA: Applications Under Attack - FireEye MPS | Displays all applications under attack as well as the attack signatures by FireEye MPS. |
| 355 | HIPAA: F5 BIG-IP TMOS Login Failed | Displays all F5 BIG-IP TMOS login events which have failed. |
| 356 | HIPAA: F5 BIG-IP TMOS Login Successful | Displays all F5 BIG-IP TMOS login events which have succeeded. |
| 357 | HIPAA: F5 BIG-IP TMOS Password Changes | Displays all password change activities on F5 BIG-IP TMOS to ensure authorized and appropriate access. |
| 358 | HIPAA: F5 BIG-IP TMOS Restarted | Displays all events when the F5 BIG-IP TMOS has been restarted. |
| 359 | HIPAA: FireEye MPS: Attacks by Event ID | Displays FireEye MPS attacks by Event ID. |
| 360 | HIPAA: FireEye MPS: Attacks Detected | Displays attacks detected by FireEye MPS. |
| 361 | HIPAA: FireEye MPS: Attacks by Threat Name | Displays FireEye MPS attacks by threat name. |
| 362 | HIPAA: Firewall Connections Accepted - F5 BIG-IP TMOS | Displays all traffic passing through the F5 BIG-IP TMOS device. |
| 363 | HIPAA: Firewall Connections Denied - F5 BIG-IP TMOS | Displays the applications that have been denied access the most by the F5 BIG-IP TMOS. |
| 364 | HIPAA: Files Accessed Through Pulse Connect Secure | Displays all files accessed through Pulse Connect Secure |
| 365 | HIPAA: Firewall Traffic Considered Risky - F5 BIG-IP TMOS | Displays F5 BIG-IP TMOS allowed firewall traffic that is considered risky. |
| 366 | HIPAA: Pulse Connect Secure Policy Change | Displays all configuration changes to the Pulse Connect Secure policies or configuration change. |
| 367 | HIPAA: Pulse Connect Secure Successful Logins by IP | Displays all successful Pulse Connect Secure logins based on IP address. |
| 368 | HIPAA: Pulse Connect Secure Successful Logins by User | Displays all successful Pulse Connect Secure logins based on user. |
| 369 | HIPAA: Web Access to Applications - F5 BIG-IP TMOS | Displays all web-based access to applications to ensure appropriate and authorized access on F5 BIG-IP TMOS. |
| 370 | HIPAA: F5 BIG-IP TMOS Risky Traffic | F5 BIG-IP TMOS traffic considered risky. |
| 371 | HIPAA: Anomalous IDS Alerts | Alert when IDS anomalies are above or below defined thresholds. |
Copyright © Cloud Software Group, Inc. All rights reserved.