Analytic Rules - O

48 analytic rules starting with 'O'.


Source: 📦 Solution | 📄 Standalone | 🔗 GitHub Only

| Name | Severity | Source |
|---|---|---|
| Object Marked as Clean | Informational | 📦 Veeam |
| Object Storage Deleted | High | 📦 Veeam |
| Object Storage Settings Updated | Low | 📦 Veeam |
| Objects Added to Malware Detection Exclusions | High | 📦 Veeam |
| Objects Deleted from Malware Detection Exclusions | Informational | 📦 Veeam |
| Objects for Job Deleted | High | 📦 Veeam |
| Objects for Protection Group Changed | Informational | 📦 Veeam |
| Objects for Protection Group Deleted | High | 📦 Veeam |
| OCI - Discovery activity | Medium | 📦 Oracle Cloud Infrastructure |
| OCI - Event rule deleted | High | 📦 Oracle Cloud Infrastructure |
| OCI - Inbound SSH connection | Medium | 📦 Oracle Cloud Infrastructure |
| OCI - Insecure metadata endpoint | High | 📦 Oracle Cloud Infrastructure |
| OCI - Instance metadata access | Medium | 📦 Oracle Cloud Infrastructure |
| OCI - Multiple instances launched | Medium | 📦 Oracle Cloud Infrastructure |
| OCI - Multiple instances terminated | High | 📦 Oracle Cloud Infrastructure |
| OCI - Multiple rejects on rare ports | Medium | 📦 Oracle Cloud Infrastructure |
| OCI - SSH scanner | High | 📦 Oracle Cloud Infrastructure |
| OCI - Unexpected user agent | Medium | 📦 Oracle Cloud Infrastructure |
| Office Apps Launching Wscipt | Medium | 📦 Microsoft Defender XDR |
| Office ASR rule triggered from browser spawned office process. | Medium | 📦 FalconFriday |
| Office Policy Tampering | Medium | 📦 Microsoft 365 |
| Office365 Sharepoint File transfer above threshold | Medium | 📦 Microsoft 365 |
| Office365 Sharepoint File transfer Folders above threshold | Medium | 📦 Microsoft 365 |
| Okta Fast Pass phishing Detection | Medium | 📦 Okta Single Sign-On |
| OLE object manipulation attempts stateful anomaly on database | Medium | 📦 Azure SQL Database solution for sentinel |
| OMI Vulnerability Exploitation | Medium | 📄 Standalone Content |
| Oracle - Command in URI | High | 📦 OracleWebLogicServer |
| Oracle - Malicious user agent | High | 📦 OracleWebLogicServer |
| Oracle - Multiple client errors from single IP | Medium | 📦 OracleWebLogicServer |
| Oracle - Multiple server errors from single IP | Medium | 📦 OracleWebLogicServer |
| Oracle - Multiple user agents for single source | Medium | 📦 OracleWebLogicServer |
| Oracle - Oracle WebLogic Exploit CVE-2021-2109 | High | 📦 OracleWebLogicServer |
| Oracle - Private IP in URL | Medium | 📦 OracleWebLogicServer |
| Oracle - Put file and get file from same IP address | Medium | 📦 OracleWebLogicServer |
| Oracle - Put suspicious file | Medium | 📦 OracleWebLogicServer |
| Oracle - Request to sensitive files | High | 📦 OracleWebLogicServer |
| Oracle suspicious command execution | Medium | 📦 FalconFriday |
| OracleDBAudit - Connection to database from external IP | Medium | 📦 OracleDatabaseAudit |
| OracleDBAudit - Connection to database from unknown IP | Medium | 📦 OracleDatabaseAudit |
| OracleDBAudit - Multiple tables dropped in short time | Medium | 📦 OracleDatabaseAudit |
| OracleDBAudit - New user account | Low | 📦 OracleDatabaseAudit |
| OracleDBAudit - Query on Sensitive Table | Medium | 📦 OracleDatabaseAudit |
| OracleDBAudit - Shutdown Server | Medium | 📦 OracleDatabaseAudit |
| OracleDBAudit - SQL injection patterns | Medium | 📦 OracleDatabaseAudit |
| OracleDBAudit - Unusual user activity on multiple tables | Medium | 📦 OracleDatabaseAudit |
| OracleDBAudit - User activity after long inactivity time | Medium | 📦 OracleDatabaseAudit |
| OracleDBAudit - User connected to database from new IP | Low | 📦 OracleDatabaseAudit |
| Outgoing connection attempts stateful anomaly on database | Medium | 📦 Azure SQL Database solution for sentinel |
