...
The tags begin with vuln.kenna
identifies events generated by Kenna.
...
Valid tags and data tables
The full tag must have four levels. The first two are fixed asvuln.kenna
. The third level identifies the type of events sent. The fourth level identifies the event subtype.
Table structure
Field | Type | Field transformation | Source field name | Extra fields | ||
---|---|---|---|---|---|---|
eventdate |
| |||||
hostname |
| |||||
id |
| |||||
created_at |
| |||||
priority |
| |||||
operating_system |
| |||||
notes |
| |||||
last_booted_at |
| |||||
primary_locator |
| |||||
locator |
| |||||
vulnerabilities_count |
| |||||
status |
| |||||
last_seen_time |
| |||||
tags_str |
|
| tags | |||
owner |
| |||||
inactive_at |
| |||||
status_set_manually |
| |||||
urls__vulnerabilities |
| |||||
ip_address |
| |||||
database |
| |||||
hostname2 |
| |||||
fqdn |
| |||||
netbios |
| |||||
application |
| |||||
file |
| |||||
mac_address |
| |||||
ec2 |
| |||||
url |
| |||||
external_id |
| |||||
image |
| |||||
container |
| |||||
ipv6 |
| |||||
risk_meter_score |
| |||||
asset_groups__id_str |
|
| asset_groups__id | |||
asset_groups__name_str |
|
| asset_groups__name | |||
vulnerability__connectors__name_str |
|
| vulnerability__connectors__name | |||
vulnerability__connectors__id_str |
|
| vulnerability__connectors__id | |||
vulnerability__connectors__connector_definition_name_str |
|
| vulnerability__connectors__connector_definition_name | |||
vulnerability__connectors__vendor_str |
|
| vulnerability__connectors__vendor | |||
vulnerability__notes |
| |||||
vulnerability__fix_id |
| |||||
vulnerability__service_ticket |
| |||||
vulnerability__created_at |
| |||||
vulnerability__asset_id |
| |||||
vulnerability__id |
| |||||
vulnerability__last_seen_time |
| |||||
vulnerability__closed_at |
| |||||
vulnerability__identifiers_str |
|
| vulnerability__identifiers | |||
vulnerability__due_date |
| |||||
vulnerability__priority |
| |||||
vulnerability__port_str |
|
| vulnerability__port | |||
vulnerability__scanner_vulnerabilities__port_str |
|
| vulnerability__scanner_vulnerabilities__port | |||
vulnerability__scanner_vulnerabilities__external_unique_id_str |
|
| vulnerability__scanner_vulnerabilities__external_unique_id | |||
vulnerability__scanner_vulnerabilities__open_str |
|
| vulnerability__scanner_vulnerabilities__open | |||
vulnerability__scanner_score |
| |||||
vulnerability__status |
| |||||
vulnerability__urls__asset |
| |||||
vulnerability__solution |
| |||||
vulnerability__patch |
| |||||
vulnerability__patch_published_at |
| |||||
vulnerability__cve_id |
| |||||
vulnerability__cve_description |
| |||||
vulnerability__cve_published_at |
| |||||
vulnerability__description |
| |||||
vulnerability__wasc_id |
| |||||
vulnerability__severity |
| |||||
vulnerability__threat |
| |||||
vulnerability__popular_target |
| |||||
vulnerability__active_internet_breach |
| |||||
vulnerability__easily_exploitable |
| |||||
vulnerability__malware_exploitable |
| |||||
vulnerability__remote_code_execution |
| |||||
vulnerability__predicted_exploitable |
| |||||
vulnerability__custom_fields__name_str |
|
| vulnerability__custom_fields__name | |||
vulnerability__custom_fields__custom_field_definition_id_str |
|
| vulnerability__custom_fields__custom_field_definition_id | |||
vulnerability__custom_fields__value_str |
|
| vulnerability__custom_fields__value | |||
vulnerability__first_found_on |
| |||||
vulnerability__risk_meter_score |
| |||||
vulnerability__top_priority |
| |||||
vulnerability__closed |
| |||||
hostchain |
| ✓ | ||||
tag |
| ✓ | ||||
rawMessage |
|