/
nac.forescout
nac.forescout
- Juan Tomás Alonso Nieto (Deactivated)
May 08, 2023
1 min read
Analytics
Loading data...
[ 1 Introduction ] [ 2 Valid tags and data tables ] [ 3 Table structure ]
Introduction
Tags beginning with nac.forescout identify events generated by Forescout.
Valid tags and data tables
The full tag must have 3 levels. The first two are fixed as nac.forescout. The third level identifies the type of events sent, and the fourth level indicates the event subtype.
Technology | Brand | Type | Subtype |
|---|---|---|---|
nac | forescout |
|
|
These are the valid tags and corresponding data tables that will receive the parsers' data:
Tag | Data table |
|---|---|
nac.forescout.counteract.policy | nac.forescout.counteract.policy |
Table structure
This is the set displayed by these tables.
nac.forescout.counteract.policy
Field | Type | Extra Label |
|---|---|---|
eventdate |
| - |
machine |
| - |
serverdate |
| - |
hostname |
| - |
procName |
| - |
procId |
| - |
sourceIp |
| - |
rule |
| - |
details |
| - |
match |
| - |
category |
| - |
rawMessage |
| - |
hostchain |
| ✓ |
tag |
| ✓ |
, multiple selections available,
Related content
nac.forescout
nac.forescout
More like this
network.cisco
network.cisco
More like this
dmp.cohesity
dmp.cohesity
More like this
threatintel.anomaly
threatintel.anomaly
More like this
xdr.cynet
xdr.cynet
More like this
Network Access Control
Network Access Control
More like this