All Rules in Microsoft.ACS.Linux.SLES.15 Management Pack

 DisplayNameDescriptionIDTargetCategoryEnabledInstance NameCounter NameFrequencyEvent_IDEvent SourceAlert GenerateAlert SeverityAlert PriorityRemotableEvent Log
Microsoft.ACS.Linux.SLES.15.Adding.GroupAdding Group (SUSE Linux Enterprise Server 15)Rule to collect events for adding a new groupMicrosoft.ACS.Linux.SLES.15.Adding.GroupMicrosoft.ACS.Linux.SLES.15.ACSEndPointEventCollectionTrue00FalseTrue
Microsoft.ACS.Linux.SLES.15.Adding.UserAdding User (SUSE Linux Enterprise Server 15)Rule to collect events for adding a new userMicrosoft.ACS.Linux.SLES.15.Adding.UserMicrosoft.ACS.Linux.SLES.15.ACSEndPointEventCollectionTrue00FalseTrue
Microsoft.ACS.Linux.SLES.15.Adding.User.To.GroupAdding User to Group (SUSE Linux Enterprise Server 15)Rule to collect events for adding a user to a groupMicrosoft.ACS.Linux.SLES.15.Adding.User.To.GroupMicrosoft.ACS.Linux.SLES.15.ACSEndPointEventCollectionTrue00FalseTrue
Microsoft.ACS.Linux.SLES.15.Console.FailedFailed Console Login (SUSE Linux Enterprise Server 15)Rule to collect events for failed console login eventsMicrosoft.ACS.Linux.SLES.15.Console.FailedMicrosoft.ACS.Linux.SLES.15.ACSEndPointEventCollectionTrue00FalseTrue
Microsoft.ACS.Linux.SLES.15.Console.InvalidInvalid Console Login (SUSE Linux Enterprise Server 15)Rule to collect events for invalid console login eventsMicrosoft.ACS.Linux.SLES.15.Console.InvalidMicrosoft.ACS.Linux.SLES.15.ACSEndPointEventCollectionTrue00FalseTrue
Microsoft.ACS.Linux.SLES.15.Deleting.GroupDeleting Group (SUSE Linux Enterprise Server 15)Rule to collect events for deleting a groupMicrosoft.ACS.Linux.SLES.15.Deleting.GroupMicrosoft.ACS.Linux.SLES.15.ACSEndPointEventCollectionTrue00FalseTrue
Microsoft.ACS.Linux.SLES.15.Deleting.UserDeleting User (SUSE Linux Enterprise Server 15)Rule to collect events for deleting a userMicrosoft.ACS.Linux.SLES.15.Deleting.UserMicrosoft.ACS.Linux.SLES.15.ACSEndPointEventCollectionTrue00FalseTrue
Microsoft.ACS.Linux.SLES.15.Deleting.User.From.GroupDeleting User from Group (SUSE Linux Enterprise Server 15)Rule to collect events for deleting a user from a groupMicrosoft.ACS.Linux.SLES.15.Deleting.User.From.GroupMicrosoft.ACS.Linux.SLES.15.ACSEndPointEventCollectionTrue00FalseTrue
Microsoft.ACS.Linux.SLES.15.Password.Change.FailedFailed Password Change (SUSE Linux Enterprise Server 15)Rule to collect events for failed password changeMicrosoft.ACS.Linux.SLES.15.Password.Change.FailedMicrosoft.ACS.Linux.SLES.15.ACSEndPointEventCollectionTrue00FalseTrue
Microsoft.ACS.Linux.SLES.15.Password.Change.From.Root.SucceededSuccessful Password Change from root user (SUSE Linux Enterprise Server 15)Rule to collect events for successful password change from root userMicrosoft.ACS.Linux.SLES.15.Password.Change.From.Root.SucceededMicrosoft.ACS.Linux.SLES.15.ACSEndPointEventCollectionTrue00FalseTrue
Microsoft.ACS.Linux.SLES.15.Password.Change.From.User.SucceededSuccessful Password Change from non-root user (SUSE Linux Enterprise Server 15)Rule to collect events for successful password change from non-root userMicrosoft.ACS.Linux.SLES.15.Password.Change.From.User.SucceededMicrosoft.ACS.Linux.SLES.15.ACSEndPointEventCollectionTrue00FalseTrue
Microsoft.ACS.Linux.SLES.15.Password.Change.Maximum.TriesMaximum Tried Password Change (SUSE Linux Enterprise Server 15)Rule to collect events for maximum number of tries to change passwordMicrosoft.ACS.Linux.SLES.15.Password.Change.Maximum.TriesMicrosoft.ACS.Linux.SLES.15.ACSEndPointEventCollectionTrue00FalseTrue
Microsoft.ACS.Linux.SLES.15.Ssh.FailedFailed ssh login (SUSE Linux Enterprise Server 15)Rule to collect events for failed ssh loginMicrosoft.ACS.Linux.SLES.15.Ssh.FailedMicrosoft.ACS.Linux.SLES.15.ACSEndPointEventCollectionTrue00FalseTrue
Microsoft.ACS.Linux.SLES.15.Ssh.InvalidInvalid ssh login (SUSE Linux Enterprise Server 15)Rule to collect events for invalid ssh loginMicrosoft.ACS.Linux.SLES.15.Ssh.InvalidMicrosoft.ACS.Linux.SLES.15.ACSEndPointEventCollectionTrue00FalseTrue
Microsoft.ACS.Linux.SLES.15.Ssh.SucceededSuccessful ssh login (SUSE Linux Enterprise Server 15)Rule to collect events for successful ssh loginMicrosoft.ACS.Linux.SLES.15.Ssh.SucceededMicrosoft.ACS.Linux.SLES.15.ACSEndPointEventCollectionTrue00FalseTrue
Microsoft.ACS.Linux.SLES.15.Su.FailedFailed su (SUSE Linux Enterprise Server 15)Rule to collect events for failed call to suMicrosoft.ACS.Linux.SLES.15.Su.FailedMicrosoft.ACS.Linux.SLES.15.ACSEndPointEventCollectionTrue00FalseTrue
Microsoft.ACS.Linux.SLES.15.Su.SucceededSuccessful su (SUSE Linux Enterprise Server 15)Rule to collect events for successful call to suMicrosoft.ACS.Linux.SLES.15.Su.SucceededMicrosoft.ACS.Linux.SLES.15.ACSEndPointEventCollectionTrue00FalseTrue
Microsoft.ACS.Linux.SLES.15.Sudo.Conversation.ErrorFailed sudo with one or two times try (password) (SUSE Linux Enterprise Server 15)Rule to collect events for bad password failed call to sudoMicrosoft.ACS.Linux.SLES.15.Sudo.Conversation.ErrorMicrosoft.ACS.Linux.SLES.15.ACSEndPointEventCollectionTrue00FalseTrue
Microsoft.ACS.Linux.SLES.15.Sudo.FailedFailed sudo (SUSE Linux Enterprise Server 15)Rule to collect events for failed call to sudoMicrosoft.ACS.Linux.SLES.15.Sudo.FailedMicrosoft.ACS.Linux.SLES.15.ACSEndPointEventCollectionTrue00FalseTrue
Microsoft.ACS.Linux.SLES.15.Sudo.InvalidInvalid sudo (SUSE Linux Enterprise Server 15)Rule to collect events for no privileges for sudo operationsMicrosoft.ACS.Linux.SLES.15.Sudo.InvalidMicrosoft.ACS.Linux.SLES.15.ACSEndPointEventCollectionTrue00FalseTrue
Microsoft.ACS.Linux.SLES.15.Sudo.SucceededSuccessful sudo (SUSE Linux Enterprise Server 15)Rule to collect events for successful call to sudoMicrosoft.ACS.Linux.SLES.15.Sudo.SucceededMicrosoft.ACS.Linux.SLES.15.ACSEndPointEventCollectionTrue00FalseTrue