violationClassification
Identifies the type of violation.
Values
String
The following strings suggested values:
- account
- Generic classification for policy violations related to an account, or attributes associated with an account, that does not fit in one of the specific account violation classifications.
- accountDisallowed
- Account was disallowed. Example: Guest accounts could be forbidden.
- aclRestriction
- The authorization settings on a protected resource violate the policy. Example: The ACL settings on the executables for a Web server might be improperly set.
- antiVirus
- The proper antivirus protection is not in place. Example: Versionx.y of antivirus product ABC may be required, or the antivirus scan must be configured to run at least once per week.
- audit
- The audit settings on a system may not comply with the policy. Example: The policy may require that all failed authentication attempts be audited. If audit settings do not comply, a violation is logged.
- netConfig
- Network configuration settings are not set as required by the policy. Example: The -s option must be specified when using the netlsd daemon in AIX.
- password
- The password policy is not being adhered to. Example: All passwords must be 8 characters or longer.
- prohibitedService
- Certain services might be prohibited. Example: Policy may require that TFTP never be active on a system.
- softwareVersion
- Policy may require that specific versions of software be installed. Example: A down-level version of Microsoft IIS or a version that requires a patch might be installed on a production server.
- sysConfig
- System configuration settings are not set as required by the policy. Example: Certain system log files may be required to exist.
XPath
CommonBaseEvent/extendedDataElements[@name='violationClassification']/values
Parent topic: Reference information about elements and element types