Hello everybody! Is there a site where I can obtain a classification for the different logs?
Depending on the event ID, I would like to know if a given log falls into a classification, such as: Attack, Denial of Service, Malware, Failed Attack, etc.
I know LogRhythm does such a thing, but I cannot find anywhere the logic used to classify these logs into a specific category.
Any clues?