Products: Amazon AWS - Elastic Load Balancer
| Rule ID | Rule Name |
|---|---|
| MATCH-S00209 | CVE-2021-44228 Log4j2 Java Library 0-Day Attempt |
| LEGACY-S00013 | Connection to High Entropy Domain |
| LEGACY-S00189 | Crypto Miner HTTP User Agent |
| MATCH-S00592 | Crypto Miner User Agent |
| LEGACY-S00028 | Directory Traversal - Successful |
| THRESHOLD-S00009 | Directory Traversal - Unsuccessful |
| LEGACY-S00042 | HTTP Request to Domain in Non-Standard TLD |
| THRESHOLD-S00015 | HTTP Response Error Spike - External |
| THRESHOLD-S00016 | HTTP Response Error Spike - Internal |
| LEGACY-S00048 | Houdini/Iniduoh/njRAT User-Agent |
| THRESHOLD-S00026 | Possible Credential Abuse |
| MATCH-S00835 | Possible Dynamic URL Domain |
| LEGACY-S00095 | Server-Side Code Injection in URL |
| OUTLIER-S00010 | Spike in URL Length from IP Address |
| MATCH-S00783 | Spring4Shell Exploitation - URL |
| LEGACY-S00182 | Suspicious HTTP User-Agent |
| MATCH-S00555 | Threat Intel - Inbound Traffic Context |
| LEGACY-S00109 | Threat Intel - Matched Domain Name |
| Log Mapper ID | Log Mapper Name |
|---|---|
| 1c9f12ea-e54e-42b4-b4ab-ef616ae18c69 | AWS Elastic Load Balancer - Custom Parser |