Introduction
The tags beginning with edr.superna identify the events generated by Superna.
Tag structure
The full tag must have 4 levels. The first two are fixed as edr.superna. The third level identifies the type of events sent, and the fourth level indicates the event subtype.
Product / Services | Tags | Data tables |
---|---|---|
Superna Eyeglass Ransomware Defender | | |
For more information, read more about Devo tags.
Table structure
These are the fields displayed in these tables:
Field | Type | Extra fields |
---|---|---|
eventdate | | |
hostname | | |
timestamp | | |
aid | | |
port | | |
type | | |
entity_type | | |
extra_data | | |
description | | |
severity | | |
impact | | |
category | | |
hostchain | | ✓ |
tag | | ✓ |
rawMessage | | ✓ |
Field | Type | Extra fields |
---|---|---|
eventdate | | |
hostname | | |
timestamp | | |
structured_data | | |
message | | |
hostchain | | ✓ |
tag | | ✓ |
rawMessage | | ✓ |