Previous Topic: Policy Replace ActionNext Topic: Backup Management Class


Policy Warning Action

The Policy Warning action contains information on any policy management warning.

Information

Level

Source - User Information

Primary

Source - Host Information

Secondary

Source - Object Information

Tertiary

Source - Process Information

Primary

Source - Group Information

Tertiary

Dest - User Information

Tertiary

Dest - Host Information

Primary

Dest - Object Information

Primary

Dest - Group Information

Tertiary

Agent - Information

Primary

Agent - Host Information

Primary

Event Source - Host Information

Primary

Event Source - Information

Tertiary

Event - Information

Primary

Result - Information

Primary

Result - Information

Primary

The important information for this action is which user or which process issued a warning on which host. The event information was expressed on which host and recorded by which agent on which host.

Result

event_result

event_severity

Success

S

5

Policy or Rule Status Action

The action Policy or Rule Status deals with expressing information pertaining to the event logged for each Windows Filtering Platform Provider present.

Information

Level

Source - User Information

Primary

Source - Host Information

Secondary

Source - Object Information

Tertiary

Source - Process Information

Tertiary

Source - Group Information

Tertiary

Dest - User Information

Tertiary

Dest - Host Information

Primary

Dest - Object Information

Primary

Dest - Group Information

Tertiary

Agent - Information

Primary

Agent - Host Information

Primary

Event Source - Host Information

Primary

Event Source - Information

Tertiary

Event - Information

Primary

Result - Information

Primary

Result

event_result

event_severity

Success

S

2

Failure

F

3