The table below lists the items changed in Unix alerts v5.2.0:
| Alert name | Changed items |
|---|---|
| LP_Unix Excessive Denied Connection | context_template, log_source |
| LP_Unix Group Deleted | log_source |
| LP_Unix Kernel Logging Stopped | log_source, mitre_hash |
| LP_Unix Password Expiry Changed for User | log_source, mitre_hash |
| LP_Unix Possible Bruteforce Attack | log_source, mitre_hash |
| LP_Unix Privilege Escalation Failed | log_source |
| LP_Unix Security Violation | log_source |
| LP_Unix User Account Unlocked | log_source |
| LP_Unix User Deleted | log_source, mitre_hash |
| LP_Unix User Removed from Privileged Group | log_source, mitre_hash |
| LP_Unix User Session Alert | log_source |