...
Tags | Data tables |
---|---|
|
|
|
|
|
|
|
|
|
|
|
|
...
These are the fields displayed in these tables:
Anchor | ||||
---|---|---|---|---|
|
Field | Type | Extra Label | Source field name | Extra fields |
---|---|---|---|---|
eventdate |
| |||
hostname |
| |||
priorityCode |
| |||
cefTag |
| |||
cefVersion |
| |||
embDeviceVendor |
| |||
embDeviceProduct |
| |||
deviceVersion |
| |||
signatureID |
| |||
name |
| |||
severity |
| |||
_cefVer |
| |||
cn3Label |
| |||
cs5Label |
| |||
cn2Label |
| |||
dvc |
| |||
cs3Label |
| |||
cs4Label |
| |||
in |
| |||
cs1 |
| |||
cs6Label |
| |||
rt |
| |||
cn1Label |
| |||
out |
| |||
cs2Label |
| |||
cs1Label |
| |||
dtz |
| |||
deviceZoneID |
| |||
eventAnnotationAuditTrail |
| |||
eventAnnotationVersion |
| |||
eventAnnotationModificationTime |
| |||
art |
| |||
originalAgentAddress |
| |||
eventId |
| |||
at |
| |||
mrt |
| |||
customerURI |
| |||
originalAgentZoneURI |
| |||
assetCriticality |
| |||
eventAnnotationFlags |
| |||
agt |
| |||
modelConfidence |
| |||
aid |
| |||
amac |
| |||
Severity |
| |||
relevance |
| |||
av |
| |||
eventAnnotationStageUpdateTime |
| |||
locality |
| |||
ahost |
| |||
originalAgentVersion |
| |||
customerID |
| |||
atz |
| |||
originalAgentMacAddress |
| |||
originalAgentType |
| |||
originalAgentId |
| |||
eventAnnotationManagerReceiptTime |
| |||
originalAgentHostName |
| |||
priority |
| |||
deviceZoneURI |
| |||
eventAnnotationEndTime |
| |||
hostchain |
| ✓ | ||
tag |
| cefTag | ✓cefTag | |
rawMessage |
|
Anchor | ||||
---|---|---|---|---|
|
Field | Type | Extra Label | Source field name | Extra fields |
---|---|---|---|---|
eventdate |
| |||
rawMessage |
| ✓ | ||
hostchain |
| ✓ | ||
priorityCode |
| |||
cefTag |
| |||
cefVersion |
| |||
embDeviceVendor |
| |||
embDeviceProduct |
| |||
deviceVersion |
| |||
signatureID |
| |||
name |
| |||
severity |
| |||
_cefVer |
| |||
act |
| |||
app |
| |||
cat |
| |||
c6a1Label |
| |||
c6a1 |
| |||
c6a2Label |
| |||
c6a2 |
| |||
c6a3Label |
| |||
c6a3 |
| |||
c6a4Label |
| |||
c6a4 |
| |||
cfp1Label |
| |||
cfp1 |
| |||
cfp2Label |
| |||
cfp2 |
| |||
cfp3Label |
| |||
cfp3 |
| |||
cfp4Label |
| |||
cfp4 |
| |||
cn1Label |
| |||
cn1 |
| |||
cn2Label |
| |||
cn2 |
| |||
cn3Label |
| |||
cn3 |
| |||
cnt |
| |||
cs1Label |
| |||
cs1 |
| |||
cs2Label |
| |||
cs2 |
| |||
cs3Label |
| |||
cs3 |
| |||
cs4Label |
| |||
cs4 |
| |||
cs5Label |
| |||
cs5 |
| |||
cs6Label |
| |||
cs6 |
| |||
destinationDnsDomain |
| |||
destinationServiceName |
| |||
destinationTranslatedAddress |
| |||
destinationTranslatedPort |
| |||
deviceCustomDate1Label |
| |||
deviceCustomDate1 |
| |||
deviceCustomDate2Label |
| |||
deviceCustomDate2 |
| |||
deviceDirection |
| |||
deviceDnsDomain |
| |||
deviceExternalId |
| |||
deviceInboundInterface |
| |||
deviceMacAddress |
| |||
deviceNtDomain |
| |||
deviceOutboundInterface |
| |||
deviceProcessName |
| |||
deviceTranslatedAddress |
| |||
dhost |
| |||
dmac |
| |||
dntdom |
| |||
dpid |
| |||
dpriv |
| |||
dproc |
| |||
dst |
| |||
duid |
| |||
duser |
| |||
dvchost |
| |||
dvc |
| |||
dvcpid |
| |||
end |
| |||
deviceFacility |
| |||
externalId |
| |||
fileCreateTime |
| |||
fileHash |
| |||
fileId |
| |||
fileModificationTime |
| |||
filePath |
| |||
filePermission |
| |||
fileType |
| |||
fname |
| |||
fsize |
| |||
in |
| |||
msg |
| |||
oldFileCreateTime |
| |||
oldFileHash |
| |||
oldFileId |
| |||
oldFileModificationTime |
| |||
oldFileName |
| |||
oldFilePath |
| |||
oldFilePermission |
| |||
oldFileSize |
| |||
oldFileType |
| |||
outcome |
| |||
out |
| |||
proto |
| |||
reason |
| |||
requestClientApplication |
| |||
requestCookies |
| |||
requestMethod |
| |||
request |
| |||
rt |
| |||
shost |
| |||
smac |
| |||
sntdom |
| |||
sourceDnsDomain |
| |||
sourceServiceName |
| |||
sourceTranslatedAddress |
| |||
sourceTranslatedPort |
| |||
spid |
| |||
spriv |
| |||
sproc |
| |||
spt |
| |||
src |
| |||
start |
| |||
suid |
| |||
suser |
| |||
catdt |
| |||
deviceDomain |
| |||
deviceSeverity |
| |||
dpt |
| |||
dtz |
| |||
dvcmac |
| |||
endTime |
| |||
eventId |
| |||
flexNumber1 |
| |||
flexNumber1Label |
| |||
flexNumber2 |
| |||
flexNumber2Label |
| |||
flexString1 |
| |||
flexString1Label |
| |||
flexString2 |
| |||
flexString2Label |
| |||
modelConfidence |
| |||
priority |
| |||
relevance |
| |||
requestContext |
| |||
sessionId |
| |||
slat |
| |||
slong |
| |||
dlat |
| |||
dlong |
| |||
sourceGeoCountryCode |
| |||
sourceGeoLocationInfo |
| |||
sourceGeoPostalCode |
| |||
sourceGeoRegionCode |
| |||
destinationGeoCountryCode |
| |||
destinationGeoLocationInfo |
| |||
destinationGeoPostalCode |
| |||
destinationGeoRegionCode |
| |||
agt |
| |||
ahost |
| |||
art |
| |||
atz |
| |||
mrt |
| |||
categoryBehavior |
| |||
categoryCustomFormatField |
| |||
categoryDeviceGroup |
| |||
categoryObject |
| |||
categoryOutcome |
| |||
categorySignificance |
| |||
categoryTechnique |
| |||
categoryTupleDescription |
| |||
assetCriticality |
| |||
customerID |
| |||
customerURI |
| |||
tag |
| cefTag | ✓ |
Anchor | ||||
---|---|---|---|---|
|
Field | Type | Source field name | Extra fields |
---|---|---|---|
eventdate |
| ||
hostname |
| ||
priorityCode |
| ||
cefTag |
| ||
cefVersion |
| ||
embDeviceVendor |
| ||
embDeviceProduct |
| ||
deviceVersion |
| ||
signatureID |
| ||
name |
| ||
severity |
| ||
_cefVer |
| ||
shost |
| ||
dhost |
| ||
dst |
| ||
duser |
| ||
fname |
| ||
proto |
| ||
request |
| ||
rt |
| ||
src |
| ||
app |
| ||
suser |
| ||
sproc |
| ||
act |
| ||
start |
| ||
externalId |
| ||
msg |
| ||
spt |
| ||
dpt |
| ||
cs1 |
| ||
cs1Label |
| ||
cs2 |
| ||
cs2Label |
| ||
cs3 |
| ||
cs3Label |
| ||
cs4 |
| ||
cs4Label |
| ||
cs5 |
| ||
cs5Label |
| ||
hostchain |
| ✓ | |
tag |
| cefTag | ✓ |
rawMessage |
|
Anchor | ||||
---|---|---|---|---|
|
Field | Type | Source field name | Extra fields |
---|---|---|---|
eventdate |
|
| |
hostname |
|
| |
priority_code |
|
| |
cef_tag |
|
| |
cef_version |
|
| |
emb_device_vendor |
|
| |
emb_device_product |
|
| |
device_version |
|
| |
signature_id |
|
| |
name |
|
| |
severity |
|
| |
file_path |
|
| |
file_type |
|
| |
message |
|
| |
reason |
|
| |
source_hostname |
|
| |
source_process_name |
|
| |
source_username |
|
| |
hostchain |
|
| ✓ |
tag |
| cef_tag | ✓ |
rawMessage |
| ✓ |
Anchor | ||||
---|---|---|---|---|
|
Field | Type | Source field name | Extra fields |
---|---|---|---|
eventdate |
| ||
hostname |
| ||
priorityCode |
| ||
cefTag |
| ||
cefVersion |
| ||
embDeviceVendor |
| ||
embDeviceProduct |
| ||
deviceVersion |
| ||
signatureID |
| ||
name |
| ||
severity |
| ||
_cefVer |
| ||
cat |
| ||
c6a4Label |
| ||
cn1Label |
| ||
cn1 |
| ||
cn2Label |
| ||
cn2 |
| ||
cs3Label |
| ||
cs3 |
| ||
cs4Label |
| ||
cs4 |
| ||
cs5Label |
| ||
cs5 |
| ||
dvchost |
| ||
rt |
| ||
adDesc |
| ||
agentZoneURI |
| ||
agt |
| ||
ahost |
| ||
aid |
| ||
amac |
| ||
art |
| ||
at |
| ||
atz |
| ||
av |
| ||
customerURI |
| ||
deviceSeverity |
| ||
dtz |
| ||
eventId |
| ||
geid |
| ||
hostchain |
| ✓ | |
tag |
| cefTag | ✓ |
rawMessage |
| ✓ |
Anchor | ||||
---|---|---|---|---|
|
Field | Type | Source field name | Extra fields |
---|---|---|---|
eventdate |
| ||
hostname |
| ||
priorityCode |
| ||
cefTag |
| ||
cefVersion |
| ||
embDeviceVendor |
| ||
embDeviceProduct |
| ||
deviceVersion |
| ||
signatureID |
| ||
name |
| ||
severity |
| ||
_cefVer |
| ||
act |
| ||
cat |
| ||
cs1Label |
| ||
cs1 |
| ||
dvchost |
| ||
msg |
| ||
src |
| ||
suser |
| ||
hostchain |
| ✓ | |
tag |
| cefTag | ✓ |
rawMessage |
| ✓ |