Products: McAfee - Web Gateway
| Rule ID | Rule Name |
|---|---|
| MATCH-S00209 | CVE-2021-44228 Log4j2 Java Library 0-Day Attempt |
| LEGACY-S00013 | Connection to High Entropy Domain |
| THRESHOLD-S00016 | HTTP Response Error Spike - Internal |
| MATCH-S00042 | McAfee Web Gateway - Poor Reputation |
| MATCH-S00638 | McAfee Web Gateway - Suspicious or Malicious Categories |
| THRESHOLD-S00026 | Possible Credential Abuse |
| MATCH-S00835 | Possible Dynamic URL Domain |
| MATCH-S00637 | Possible Malicious Download |
| OUTLIER-S00010 | Spike in URL Length from IP Address |
| LEGACY-S00182 | Suspicious HTTP User-Agent |
| LEGACY-S00107 | Threat Intel Match - IP Address |
| LEGACY-S00165 | VBS file downloaded from Internet |
| Log Mapper ID | Log Mapper Name |
|---|---|
| 06d2310a-b511-48f4-b777-559b3e6e2be1 | McAfee Web Gateway - LEEF |
| a1097784-4fb2-4a6f-9338-7e1064a58005 | McAfee WebGateway - CEF - Backup Triggered |
| b95bbe75-269b-4b8a-bf90-cbc1470aeacc | McAfee WebGateway - CEF - File Download |
| 66227412-64e9-4d71-9565-338bcde62ae0 | McAfee WebGateway - CEF - Rule Changes |
| 2f442ebb-2bbc-4ae8-82f7-292b015fa67e | McAfee WebGateway - CEF - System List Update |
| bb6e0892-ed2c-42e6-b0a8-331eadf598fb | McAfee WebGateway - CEF - Traffic Logs |
| 1f2f7c10-668b-416f-9018-7d47cd802b50 | McAfee WebGateway - CEF - Trigger Action |
| 776bca53-f0fd-4b30-9d44-1c00863c766b | McAfee WebGateway - CEF - User Login |
| db8d4ca1-982a-42fc-a0b3-cbe6f04cd6fb | McAfee WebGateway - CEF - User Login Failed |
| e4177d7b-56ec-45d3-8572-780c93a30087 | McAfee WebGateway - CEF - User Logout |
| 0efb88b1-a2b5-46e6-bb3c-18c3cbf352b7 | McAfee WebGateway - CEF - User Timed-out |
| 02d0e53b-6a92-4837-9aa6-a5d4af42b09c | McAfee WebGateway - JSON |
| 33b045fc-8df5-41fc-b5b5-5232e10df1c7 | McAfee WebGateway - Parser |
| 0c7120d1-0adc-48c0-a824-526eac5c10e3 | McAfee WebGateway Proxy - Audit |