Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 8 Next »

Introduction

The tags begin with edr.blackberry.cylance identify the events generated by Blackberry.

Valid tags and data tables

The full tag must have 4 levels. The first three are fixed as edr.blackberry.cylance. The fourth level identifies the type of event sent

Technology

Brang

Type

Subtype

edr

blackberry

cylance

  • users

  • policies

  • threats

  • detections

  • detections_rules

  • detections_exceptions

  • devices

These are the valid tags and corresponding data tables that will receive the parsers' data:

Tag

Data table

edr.blackberry.cylance.users

edr.blackberry.cylance.users

edr.blackberry.cylance.policies

edr.blackberry.cylance.policies

edr.blackberry.cylance.threats

edr.blackberry.cylance.threats

edr.blackberry.cylance.optics_detections

edr.blackberry.cylance.optics_detections

edr.blackberry.cylance.optics_detections_rules

edr.blackberry.cylance.optics_detections_rules

edr.blackberry.cylance.optics_detections_exceptions

edr.blackberry.cylance.optics_detections_exceptions

edr.blackberry.cylance.devices

edr.blackberry.cylance.devices

Fields transformations

  • No labels