endpoint.vmware

[ 1 Introduction ] [ 2 Valid tags and data tables ]

Introduction

The tags beginning with endpoint.vmware identify events generated by VM Ware Carbon Black.

Valid tags and data tables

The full tag must have 4 levels. The first two are fixed as endpoint.vmware. The third level identifies the type of events sent, and the fourth level indicates the event subtype.

Technology	Brand	Type	Subtype

Technology	Brand	Type	Subtype
endpoint	vmware	cbc_api cbc_defender cbd_event_forwarder cbd_event_forwarder.endpoint	alerts audit_logs cb_analytics kognos_alerts kognos_events event_apicall event_crossproc event_filemod event_moduleload event_netconn event_procstart event_regmod event_scriptload unknown

These are the valid tags and corresponding data tables that will receive the parsers' data:

Tag	Data table

Tag	Data table
endpoint.vmware.cbc_api.alerts	endpoint.vmware.cbc_api.alerts
endpoint.vmware.cbc_defender.audit_logs	endpoint.vmware.cbc_defender.audit_logs
endpoint.vmware.cbc_event_forwarder.kognos_alerts	endpoint.vmware.cbc_event_forwarder.kognos_alerts
endpoint.vmware.cbc_event_forwarder.kognos_events	endpoint.vmware.cbc_event_forwarder.kognos_events
endpoint.vmware.cbc_event_forwarder.cb_analytics	endpoint.vmware.cbc_event_forwarder.cb_analytics
endpoint.vmware.cbc_event_forwarder.endpoint_event_apicall	endpoint.vmware.cbc_event_forwarder.endpoint_event_apicall
endpoint.vmware.cbc_event_forwarder.endpoint_event_crossproc	endpoint.vmware.cbc_event_forwarder.endpoint_event_crossproc
endpoint.vmware.cbc_event_forwarder.endpoint_event_filemod	endpoint.vmware.cbc_event_forwarder.endpoint_event_filemod
endpoint.vmware.cbc_event_forwarder.endpoint_event_moduleload	endpoint.vmware.cbc_event_forwarder.endpoint_event_moduleload
endpoint.vmware.cbc_event_forwarder.endpoint_event_netconn	endpoint.vmware.cbc_event_forwarder.endpoint_event_netconn
endpoint.vmware.cbc_event_forwarder.endpoint_event_procstart	endpoint.vmware.cbc_event_forwarder.endpoint_event_procstart
endpoint.vmware.cbc_event_forwarder.endpoint_event_procend	endpoint.vmware.cbc_event_forwarder.endpoint_event_procend
endpoint.vmware.cbc_event_forwarder.endpoint_event_regmod	endpoint.vmware.cbc_event_forwarder.endpoint_event_regmod
endpoint.vmware.cbc_event_forwarder.endpoint_event_scriptload	endpoint.vmware.cbc_event_forwarder.endpoint_event_scriptload
endpoint.vmware.cbc_event_forwarder.unknown	endpoint.vmware.cbc_event_forwarder.unknown