Products: Amazon AWS - Network Firewall
| Rule ID | Rule Name |
|---|---|
| MATCH-S00513 | Critical Severity Intrusion Signature |
| FIRST-S00030 | First Seen Outbound Connection to External IP Address on Port 445 from IP Address |
| MATCH-S00666 | High Severity Intrusion Signature |
| THRESHOLD-S00079 | Inbound Port Scan |
| THRESHOLD-S00515 | Intrusion Sweep |
| MATCH-S00667 | Medium Severity Intrusion Signature |
| MATCH-S00554 | Outbound IRC Traffic |
| MATCH-S00555 | Threat Intel - Inbound Traffic Context |
| LEGACY-S00107 | Threat Intel Match - IP Address |
| Log Mapper ID | Log Mapper Name |
|---|---|
| db6d3445-1ed9-4e9e-9a87-ceeb374fabb3 | AWS Network Firewall Alerts |
| 7f4daf7f-f391-44be-908a-f36e6f1b360f | AWS Network Firewall Flow |
| 04121705-9ef8-4620-99ca-795045ef94dc | AWS Network Firewall Netflow |