violationClassification

Description

Identifies the type of violation.

Values

String

The following strings suggested values:

account

Generic classification for policy violations related to an account, or attributes associated with an account, that does not fit in one of the specific account violation classifications.

accountDisallowed

Account was disallowed. Example: Guest accounts could be forbidden.

aclRestriction

The authorization settings on a protected resource violate the policy. Example: The ACL settings on the executables for a Web server might be improperly set.

antiVirus

The proper antivirus protection is not in place. Example: Versionx.y of antivirus product ABC may be required, or the antivirus scan must be configured to run at least once per week.

audit

The audit settings on a system may not comply with the policy. Example: The policy may require that all failed authentication attempts be audited. If audit settings do not comply, a violation is logged.

netConfig

Network configuration settings are not set as required by the policy. Example: The -s option must be specified when using the netlsd daemon in AIX.

password

The password policy is not being adhered to. Example: All passwords must be 8 characters or longer.

prohibitedService

Certain services might be prohibited. Example: Policy may require that TFTP never be active on a system.

softwareVersion

Policy may require that specific versions of software be installed. Example: A down-level version of Microsoft IIS or a version that requires a patch might be installed on a production server.

sysConfig

System configuration settings are not set as required by the policy. Example: Certain system log files may be required to exist.

XPath

CommonBaseEvent/extendedDataElements[@name='violationClassification']/values