...
Table | Description |
---|---|
edr.crowdstrike.falconstreaming.* | Data from different CrowdStrike APIs |
edr.crowdstrike.falconstreaming.detection_summary | Threat intelligence relating to processes and users. |
edr.crowdstrike.falconstreaming.alert | Threat intelligence relating to files. |

Devo Collector Features

Feature | Details |
---|---|
Allow parallel downloading (multipod) | |
Running environments | |
Populated Devo events | |
Flattening pre-processing | |
Allowed source events obfuscation | |
...