| Table of Contents | ||||
|---|---|---|---|---|
|
...
The tags beginning with threatintel.socradar identify events generated by SOCRadar's Extended Threat Intelligence belonging to SOCRadar.
Valid tags and data tables
The full tag must have 46 levels. The first two are fixed asthreatintel.socradar. The third level identifies the product, the fourth indicates the type of events sent and the fourth indicates rest of them indicate the event subtypes.
These are the valid tags and corresponding data tables that will receive the parsers' data:
...
These are the fields displayed in these tables:
threatintel.socradar.xti.audit_logs
...