Product / Services | Tags | Data tables |
|---|
Crowdstrike | edr.crowdstrike.falconstreaming.agentscannon
| edr.crowdstrike.falconstreaming.auth_activitycannon
|
edr.crowdstrike.falconstreamingcannon.behaviorsadditionalhostinfo
| edr.crowdstrike.falconstreamingcannon.customer_iocadditionalhostinfo
|
edr.crowdstrike.falconstreamingcannon.detection_summaryagentconnect
| edr.crowdstrike.falconstreamingcannon.external_apiagentconnect
|
edr.crowdstrike.falconstreamingcannon.firewall_matchagentonline
| edr.crowdstrike.falconstreamingcannon.identity_protectionagentonline
|
edr.crowdstrike.falconstreaming.idp_detection_summarycannon.arcfilewritten
| edr.crowdstrike.falconstreamingcannon.incidentsarcfilewritten
|
edr.crowdstrike.falconstreamingcannon.incident_summaryasepkeyupdate
| edr.crowdstrike.falconstreaming.mobile_detection_summarycannon.asepkeyupdate
|
edr.crowdstrike.falconstreamingcannon.otherasepvalueupdate
| edr.crowdstrike.falconstreaming.recon_notification_summarycannon.asepvalueupdate
|
edr.crowdstrike.falconstreaming.remote_response_sessioncannon.associateindicator
| edr.crowdstrike.falconstreaming.scheduled_report_notificationcannon.associateindicator
|
edr.crowdstrike.falconstreaming.user_activity_groupscannon.associatetreeidwithroot
| edr.crowdstrike.falconstreaming.user_activity_quarantined_filescannon.associatetreeidwithroot
|
edr.crowdstrike.falconstreaming.user_activity_sensor_update_policycannon.billinginfo
| edr.crowdstrike.falconstreaming.user_activity_othercannon.billinginfo
|
edr.crowdstrike.falconstreaming.recon_notification_summarycannon.bitsjobcreated
| edr.crowdstrike.falconstreaming.user_activity_devicescannon.bitsjobcreated
|
edr.crowdstrike.falconstreaming.user_activity_detectionscannon.bmpfilewritten
| edr.crowdstrike.falconstreaming.user_activity_ip_whitelistcannon.bmpfilewritten
|
edr.crowdstrike.falconstreamingcannon.vulnerabilitiescabfilewritten
| edr.crowdstrike.cannon.falconcabfilewritten
|
edr.crowdstrike.cannon.channeldatadownloadcomplete
| edr.crowdstrike.cannon.associateindicatorchanneldatadownloadcomplete
|
edr.crowdstrike.cannon.associatetreeidwithrootchannelversionrequired
| edr.crowdstrike.cannon.asepvalueupdatechannelversionrequired
|
| |
edr.crowdstrike.cannon.channelversionrequireddetectionexcluded
| edr.crowdstrike.cannon.detectionexcluded
|
edr.crowdstrike.cannon.dnsrequest
| edr.crowdstrike.cannon.endofprocessdnsrequest
|
edr.crowdstrike.cannon.neighborlistip4endofprocess
| edr.crowdstrike.cannon.networkconnectip4endofprocess
|
edr.crowdstrike.cannon.otherneighborlistip4
| edr.crowdstrike.cannon.processrollup2neighborlistip4
|
edr.crowdstrike.cannon.processrollup2statsnetworkconnectip4
| edr.crowdstrike.cannon.sensorheartbeatnetworkconnectip4
|
edr.crowdstrike.cannon.syntheticprocessrollup2other
| edr.crowdstrike.falconstreamingcannon.agentsother
|
edr.crowdstrike.falconstreamingcannon.auth_activityprocessrollup2
| edr.crowdstrike.falconstreamingcannon.behaviorsprocessrollup2
|
edr.crowdstrike.falconstreamingcannon.customer_iocprocessrollup2stats
| edr.crowdstrike.falconstreamingcannon.detection_summaryprocessrollup2stats
|
edr.crowdstrike.falconstreamingcannon.external_apisensorheartbeat
| edr.crowdstrike.falconstreamingcannon.firewall_matchsensorheartbeat
|
edr.crowdstrike.falconstreamingcannon.identity_protectionsyntheticprocessrollup2
| edr.crowdstrike.falconstreaming.idp_detection_summarycannon.syntheticprocessrollup2
|
edr.crowdstrike.falconstreaming.incidentsagents
| edr.crowdstrike.falconstreaming.incident_summaryagents
|
edr.crowdstrike.falconstreaming.mobileauth_detection_summaryactivity
| edr.crowdstrike.falconstreaming.otherauth_activity
|
edr.crowdstrike.falconstreaming.recon_notification_summarybehaviors
| edr.crowdstrike.falconstreaming.remote_response_sessionbehaviors
|
edr.crowdstrike.falconstreaming.scheduledcustomer_report_notificationioc
| edr.crowdstrike.falconstreaming.usercustomer_activity_groupsioc
|
edr.crowdstrike.falconstreaming.user_activity_quarantined_filesdetection_summary
| edr.crowdstrike.falconstreaming.user_activity_sensor_update_policydetection_summary
|
edr.crowdstrike.falconstreaming.userexternal_activity_otherapi
| edr.crowdstrike.falconstreaming.reconexternal_notification_summaryapi
|
edr.crowdstrike.falconstreaming.userfirewall_activity_devicesmatch
| edr.crowdstrike.falconstreaming.userfirewall_activity_detectionsmatch
|
edr.crowdstrike.falconstreaming.user_activity_ip_whitelistidentity_protection
| edr.crowdstrike.falconstreaming.vulnerabilitiesidentity_protection
|
edr.crowdstrike.falcon.falconstreaming.idp_detection_summary
| edr.crowdstrike.falconstreaming.idp_detection_summary
|
edr.crowdstrike.falconstreaming.cannonincidents
| edr.crowdstrike.cannonfalconstreaming.associateindicatorincidents
|
edr.crowdstrike.cannonfalconstreaming.associatetreeidwithrootincident_summary
| edr.crowdstrike.cannonfalconstreaming.asepvalueupdateincident_summary
|
edr.crowdstrike.cannon.channelversionrequiredfalconstreaming.mobile_detection_summary
| edr.crowdstrike.cannon.detectionexcludedfalconstreaming.mobile_detection_summary
|
edr.crowdstrike.cannonfalconstreaming.dnsrequestother
| edr.crowdstrike.cannonfalconstreaming.endofprocessother
|
edr.crowdstrike.cannon.neighborlistip4falconstreaming.recon_notification_summary
| edr.crowdstrike.cannon.networkconnectip4falconstreaming.recon_notification_summary
|
edr.crowdstrike.cannon.otherfalconstreaming.remote_response_session
| edr.crowdstrike.cannon.processrollup2falconstreaming.remote_response_session
|
edr.crowdstrike.cannon.processrollup2statsfalconstreaming.scheduled_report_notification
| edr.crowdstrike.cannon.sensorheartbeatfalconstreaming.scheduled_report_notification
|
edr.crowdstrike.cannon.syntheticprocessrollup2falconstreaming.user_activity_groups
| edr.crowdstrike.falconstreaming.user_activity_groups
|
edr.crowdstrike.falconstreaming.user_activity_quarantined_files
| edr.crowdstrike.falconstreaming.user_activity_quarantined_files
|
edr.crowdstrike.falconstreaming.user_activity_sensor_update_policy
| edr.crowdstrike.falconstreaming.user_activity_sensor_update_policy
|
edr.crowdstrike.falconstreaming.user_activity_other
| edr.crowdstrike.falconstreaming.user_activity_other
|
edr.crowdstrike.falconstreaming.recon_notification_summary
| edr.crowdstrike.falconstreaming.recon_notification_summary
|
edr.crowdstrike.falconstreaming.user_activity_devices
| edr.crowdstrike.falconstreaming.user_activity_devices
|
edr.crowdstrike.falconstreaming.user_activity_detections
| edr.crowdstrike.falconstreaming.user_activity_detections
|
edr.crowdstrike.falconstreaming.user_activity_ip_whitelist
| edr.crowdstrike.falconstreaming.user_activity_ip_whitelist
|
edr.crowdstrike.falconstreaming.vulnerabilities
| edr.crowdstrike.falconstreaming.vulnerabilities
|
edr.crowdstrike.falcon
| edr.crowdstrike.falcon
|
