HIDS 80717

From Atomicorp Wiki
Revision as of 08:18, 23 October 2020 by Scott (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search
Rule 1
Status Active
Alert Message Auditd event

Contents

Description

Auditd: Role-Based Access Control (RBAC) failure detected.

What you should do

This means the auditd RBAC system has logged a failure by a user or process based on its policy. It could be an IOC

Troubleshooting

False Positives

There are no false positives with this rule.

Tuning Guidance

There is no guidance for tuning this rule, this is a generic error and the rule should not be disabled.

Additional Information

Support

If you are unsure about how to respond to this alert, please contact Atomicorp support. We're here to help you!

Similar Rules

None.

Knowledge Base Articles

None.

Outside References

None.

Notes

Retrieved from "https://wiki.atomicorp.com/wiki/index.php?title=HIDS_80717&oldid=6218"
Personal tools