nac.forescout
Introduction
Tags beginning with nac.forescout identify events generated by Forescout.
Valid tags and data tables
The full tag must have 3 levels. The first two are fixed as nac.forescout. The third level identifies the type of events sent, and the fourth level indicates the event subtype.
Technology | Brand | Type | Subtype |
---|---|---|---|
nac | forescout | | |
These are the valid tags and corresponding data tables that will receive the parsers' data:
Tag | Data table |
---|---|
nac.forescout.counteract.policy | nac.forescout.counteract.policy |
Table structure
This is the set of fields displayed by these tables.
nac.forescout.counteract.policy
Field | Type | Extra Label |
---|---|---|
eventdate | | - |
machine | | - |
serverdate | | - |
hostname | | - |
procName | | - |
procId | | - |
sourceIp | | - |
rule | | - |
details | | - |
match | | - |
category | | - |
rawMessage | | - |
hostchain | | ✓ |
tag | | ✓ |