This group includes tags tables that start with the level av
. These tags identify tables receive data generated by antivirus and protection software.
Company | Product / service | Valid tagsData tables |
---|
| Mobile Threat Prevention | av.checkpoint.mtp.audit av.checkpoint.mtp.event
|
| F-Secure Internet Gatekeeper | |
| McAfee ePolicy Orchestrator (McAfee ePO) | av.mcafee.epo.agent av.mcafee.epo.eventsendpointsecurity av.mcafee.epo.threatvirusscan
Check more info about these parsers |
| SentinelOne Endpoint Protection Platform (EPP) | |
| Sophos AntiVirus | av.sophos.applicationcontrol av.sophos.devicecontroldevicecontrol av.sophos.enterprise av.sophos.events av.sophos.tamperprotectiontamperprotection av.sophos.threatinstancesthreatinstances av.sophos.threatsthreats
Check more info about these parsers |
| Symantec Endpoint Protection | |
Symantec Endpoint Protection Cloud | |
| Deep Security Software | av.trendmicro.deepsec.agent av.trendmicro.deepsec.console av.trendmicro.deepsec.manager
|
InterScan Web Security Virtual Appliance | av.trendmicro.iwsva.event
|
...