Keys of audit events in the Rules group

The keys listed in the following table are used in the bodies of syslog messages of audit event classes in the Rules group.

Possible values of fields for keys of Rules group audit events

Key

Value

event-type

The value is always rules.

event

Event type. Possible values:

  • rule_created
  • rule_changed
  • rule_deleted

rule-id

ID of the rule in which the event occurred.

rule-name

Name of the rule in which the event occurred.

changed-settings

List of modified rule settings.

For the representation of settings, see the appendices. Modified setting records are separated with semicolons (";").

Page top