& # 8203 OSSIM event classification / subcategory summary table 04/09 Update SLTechnology News&Howtos

& # 8203 OSSIM event classification / subcategory summary table

2025-04-09 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Network Security >

Shulou(Shulou.com)06/01 Report--

OSSIM event class / subclass CATEGORY/ SUBCATEGORY summary table

You can view the details in the data source because the classes and subclasses are displayed in the SIEM.

Event class / subclass

Data source classification

Subclass

Remarks

Access

ACL Deny

ACL Permit

ConnectionClosed

ConnectionOpened

File Access

File Blocked

Firewall Deny

Firewall Misc Event

Firewall Permit

Timeout

Traffic Inbound

Traffic Outbound

Tunnel Closed

Tunnel Connection

Web Appliation Access

Alarm

Attacks

Bruteforce

Dos

Malware

Misc

Network

Policy

Scada

Scan

Aert

HostIDS Alert

IDS Alert

IPS Alert

Availability

State Critical

State Down

State Unknown

State Up

State Warning

Database

Error

Logout

Query

Start

Stop

Recon

Misc

Scanner

Application

DHCP Error

DHCP Request

DNS Succesful Zone Tranfer

DNS Zone Transfer Failed

FTP commandExecuted

FTPConnectionOpened

Mail Received

Mail Sent

Spam Detected

× × × Closed

× × × Denied

Web Error

Web Denied

Web Modified

WebProxy

Web Redirected

Authentication

Account Lockout

Admin Access

Brute force

Default Credentials

Failed

FTP Login Failed

FTP Login Succeeded

Goup Added

Goup Deleted

Logout

Password Change Failed

Password Change Succeeded

User Changed

User Created

User Deleted

Exploit

Attack Response

Buffer Overflow

Command Execution

Cross Site Scripting

Denial Of Service

Directory Traversal

File Inclusion

Format String

Spoofing

ShellCode

SQL Injection

Malware

Adware

Backdoor

Fake Antivirus

Generic

KeyLogger

Spyware

Trojan

Virus

Worm

Policy

Anonymity

Check Failed

Instant Messaging Chat

P2P

Phishing

Porn

Suspicious

Bad Traffic

Blacklist Address

Database Activity

DNS Protocol Anomaly

FTP Protocol Anomaly

HTTP Protocol Anomaly

Mail Protocol Anomaly

Netbios Activity

Network Anomaly

NFS Activity

RPC Activity

ScadaActivity

SSH Activity

SSH Protocol Anomaly

Telnet Protocol Anomaly

Threshold Exceeded

Web Attack or Scan

Inventory

Mac Change

MacDetected

Operating System Change

Operating System Detected

Service Change

Service Detected

ServiceMisc

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.