The VMware SD-WAN Edge appliance captured a potentially malicious traffic flow. Please investigate the IOC information available. This analytics rule analyzes Syslog streams.
| Attribute | Value |
|---|---|
| Type | Analytic Rule |
| Solution | VMware SASE |
| ID | a8e2bfd2-5d9c-4acc-aa55-30029e50d574 |
| Severity | High |
| Kind | Scheduled |
| Tactics | LateralMovement |
| Techniques | T1210 |
| Required Connectors | VMwareSDWAN |
This content item queries data from the following tables:
| Table | Selection Criteria | Transformations | Ingestion API | Lake-Only |
|---|---|---|---|---|
| Syslog | SyslogMessage contains "VCF Alert" | ✓ | ✓ | ? |