The Policy Warning action contains information on any policy management warning.
Information |
Level |
---|---|
Source - User Information |
Primary |
Source - Host Information |
Secondary |
Source - Object Information |
Tertiary |
Source - Process Information |
Primary |
Source - Group Information |
Tertiary |
Dest - User Information |
Tertiary |
Dest - Host Information |
Primary |
Dest - Object Information |
Primary |
Dest - Group Information |
Tertiary |
Agent - Information |
Primary |
Agent - Host Information |
Primary |
Event Source - Host Information |
Primary |
Event Source - Information |
Tertiary |
Event - Information |
Primary |
Result - Information |
Primary |
Result - Information |
Primary |
The important information for this action is which user or which process issued a warning on which host. The event information was expressed on which host and recorded by which agent on which host.
Result |
event_result |
event_severity |
---|---|---|
Success |
S |
5 |
The action Policy or Rule Status deals with expressing information pertaining to the event logged for each Windows Filtering Platform Provider present.
Information |
Level |
---|---|
Source - User Information |
Primary |
Source - Host Information |
Secondary |
Source - Object Information |
Tertiary |
Source - Process Information |
Tertiary |
Source - Group Information |
Tertiary |
Dest - User Information |
Tertiary |
Dest - Host Information |
Primary |
Dest - Object Information |
Primary |
Dest - Group Information |
Tertiary |
Agent - Information |
Primary |
Agent - Host Information |
Primary |
Event Source - Host Information |
Primary |
Event Source - Information |
Tertiary |
Event - Information |
Primary |
Result - Information |
Primary |
Result |
event_result |
event_severity |
---|---|---|
Success |
S |
2 |
Failure |
F |
3 |
Copyright © 2013 CA.
All rights reserved.
|
|