Products: Cisco Systems - Identity Services Engine
| Rule ID | Rule Name |
|---|---|
| THRESHOLD-S00096 | Brute Force Attempt |
| FIRST-S00029 | First Seen Successful Authentication From Unexpected Country |
| THRESHOLD-S00097 | Impossible Travel - Successful |
| OUTLIER-S00001 | Spike in Login Failures from a User |
| CHAIN-S00008 | Successful Brute Force |
| MATCH-S00815 | Threat Intel - Successful Authentication from Threat IP |
| Log Mapper ID | Log Mapper Name |
|---|---|
| 1c899000-0963-4a3a-8fb5-4225592620c5 | Cisco ISE Authentication Failure |
| 66df4b9c-7573-4868-b566-69865bb03eca | Cisco ISE Authentication Success |
| 9c735264-612b-42e3-9685-fc47b0cf72ab | Cisco ISE Catch All |
| 2178bcca-c3a7-443b-be3c-bdbc7f3f2154 | Cisco ISE Events |