# |
Test Name |
Result Details |
12874921 |
Secure Shell Server Error event should properly map when received by Unix Agent |
All 1 Matched Events Passed |
12907441 |
sulog group started event should properly map when received by Unix Agent |
All 1 Matched Events Passed |
12907442 |
sulog rule group terminated event should properly map when received by Unix Agent |
All 1 Matched Events Passed |
12916801 |
wtmp User logout event should properly map when received by Unix Agent |
All 1 Matched Events Passed |
12916811 |
wtmp User login event should properly map when received by Unix Agent |
All 1 Matched Events Passed |
12916841 |
wtmp Detect rules started event should properly map when received by Unix Agent |
All 1 Matched Events Passed |
12916842 |
btmp Detect rules started event should properly map when received by Unix Agent |
All 1 Matched Events Passed |
12916843 |
network Detect rules started event should properly map when received by Unix Agent |
All 1 Matched Events Passed |
12916844 |
filesystem Detect rules started event should properly map when received by Unix Agent |
All 1 Matched Events Passed |
12916845 |
pacct event Detect rules started should properly map when received by Unix Agent |
All 1 Matched Events Passed |
12916846 |
syslog event Detect rules started should properly map when received by Unix Agent |
0 events passed out of 1 events matching the Match Condition:
Failed test on line 31: . From event syslog event Detect rules started should properly map when received by Unix Agent "Observer Host Name" was "unknown-host" but was expected to be "unknown-host". Test Result: fail
|
12916847 |
Linux event Detect rules started should properly map when received by Unix Agent |
All 1 Matched Events Passed |
12916848 |
aix event Detect rules started should properly map when received by Unix Agent |
All 1 Matched Events Passed |
12916851 |
wtmp Detect rule group terminated event should properly map when received by Unix Agent |
All 1 Matched Events Passed |
12916852 |
btmp group terminated event should properly map when received by Unix Agent |
All 1 Matched Events Passed |
12916853 |
network group terminated event should properly map when received by Unix Agent |
All 1 Matched Events Passed |
12916854 |
filesystem group terminated event should properly map when received by Unix Agent |
All 1 Matched Events Passed |
12916855 |
pacct event group terminated should properly map when received by Unix Agent |
All 1 Matched Events Passed |
12916856 |
syslog event Detect rule group terminated should properly map when received by Unix Agent |
0 events passed out of 1 events matching the Match Condition:
Failed test on line 32: . From event syslog event Detect rule group terminated should properly map when received by Unix Agent "Observer Host Name" was "unknown-host" but was expected to be "unknown-host". Test Result: fail
|
12916857 |
Linux event Detect rule group terminated should properly map when received by Unix Agent |
All 1 Matched Events Passed |
12916858 |
aix event Detect rule group terminated should properly map when received by Unix Agent |
All 1 Matched Events Passed |
12916861 |
btmp Failed UNIX login event should properly map when received by Unix Agent |
All 1 Matched Events Passed |
12916862 |
syslog event Failed UNIX login should properly map when received by Unix Agent |
All 1 Matched Events Passed |
12916863 |
linux event Failed UNIX login should properly map when received by Unix Agent |
All 1 Matched Events Passed |
12923331 |
filesystem Batch Authorization Changed event should properly map when received by Unix Agent |
All 1 Matched Events Passed |
12923332 |
filesystem Batch Configuration Changed event should properly map when received by Unix Agent |
All 1 Matched Events Passed |
12923351 |
filesystem event New or modified set-user-id file should properly map when received by Unix Agent |
All 1 Matched Events Passed |
12923361 |
filesystem event System configuration file modified should properly map when received by Unix Agent |
All 1 Matched Events Passed |
12923371 |
filesystem event User Password Changed should properly map when received by Unix Agent |
All 1 Matched Events Passed |
12925931 |
filesystem event New or modified executable file should properly map when received by Unix Agent |
All 1 Matched Events Passed |
12928821 |
filesystem event Log File Size Decreased should properly map when received by Unix Agent |
All 1 Matched Events Passed |
12931331 |
pacct event Detects that TCP or UDP is running should properly map when received by Unix Agent |
All 1 Matched Events Passed |
12931541 |
pacct event Critical system commands run by non-root should properly map when received by Unix Agent |
All 1 Matched Events Passed |
12931551 |
pacct event System hacking tools being used should properly map when received by Unix Agent |
All 1 Matched Events Passed |
12935701 |
syslog event Failed su should properly map when received by Unix Agent |
All 1 Matched Events Passed |
12935721 |
syslog event Network Promiscuous Mode Detected should properly map when received by Unix Agent |
All 1 Matched Events Passed |
12935801 |
syslog event Successful su to Root should properly map when received by Unix Agent |
All 1 Matched Events Passed |
12935802 |
syslog event Successful su to myuser should properly map when received by Unix Agent |
All 1 Matched Events Passed |
12935803 |
aix event Detects executions of the su command should properly map when received by Unix Agent |
All 1 Matched Events Passed |
12941491 |
syslog event Changed Ethernet Address should properly map when received by Unix Agent |
All 1 Matched Events Passed |
12941501 |
syslog event Flip-flop Ethernet Address should properly map when received by Unix Agent |
All 1 Matched Events Passed |
12941511 |
syslog event Reused Ethernet Address should properly map when received by Unix Agent |
All 1 Matched Events Passed |
12941521 |
syslog event Execute From Stack Attempted should properly map when received by Unix Agent |
All 1 Matched Events Passed |
12941541 |
syslog event Internet Service Server (inetd) Errors should properly map when received by Unix Agent |
All 1 Matched Events Passed |
12941581 |
syslog event TCP Wrapper Errors should properly map when received by Unix Agent |
All 1 Matched Events Passed |
12941611 |
event File system is full should properly map when received by Unix Agent |
All 1 Matched Events Passed |
12941621 |
event FTP Server Errors should properly map when received by Unix Agent |
All 1 Matched Events Passed |
12941651 |
syslog event Unsafe Code Detected in Detect Rule Set should properly map when received by Unix Agent |
All 1 Matched Events Passed |
12941671 |
syslog event Mail redirection should properly map when received by Unix Agent |
All 1 Matched Events Passed |
12941701 |
Linux event Application Attempted to Set uid or euid should properly map when received by Unix Agent |
All 1 Matched Events Passed |
12942111 |
linux event File System Object Modified by Non-Root User should properly map when received by Unix Agent |
All 1 Matched Events Passed |
12942112 |
aix event File System Object Modified by Non-Root User should properly map when received by Unix Agent |
All 1 Matched Events Passed |
12954481 |
linux event File System Object Modified by Root User should properly map when received by Unix Agent |
All 1 Matched Events Passed |
12954482 |
aix event File System Object Modified by Root User should properly map when received by Unix Agent |
All 1 Matched Events Passed |
12964231 |
event Root runs non-root executable should properly map when received by Unix Agent |
All 1 Matched Events Passed |
12964251 |
event Clock Changed should properly map when received by Unix Agent |
All 1 Matched Events Passed |
12964301 |
event Root executed world-writable file should properly map when received by Unix Agent |
All 1 Matched Events Passed |
13026191 |
aix event file file \/etc\/security\/audit\/config modified should properly map when received by Unix Agent |
All 1 Matched Events Passed |
13026211 |
aix event Detects execution of the audit command should properly map when received by Unix Agent |
All 1 Matched Events Passed |
13026221 |
aix event AIX User Group Changed should properly map when received by Unix Agent |
All 1 Matched Events Passed |
13026241 |
aix event AIX File Permissions Changed should properly map when received by Unix Agent |
All 1 Matched Events Passed |
13029601 |
aix event AIX User Group Created should properly map when received by Unix Agent |
All 1 Matched Events Passed |
13030481 |
aix event AIX User Account Created should properly map when received by Unix Agent |
All 1 Matched Events Passed |