
Antivirus

This group includes the tables whose names start with the top-level prefix av. These tables receive data generated by antivirus and protection software.

Company | Product / service | Data tables

Mobile Threat Prevention 

  • av.checkpoint.mtp.audit
  • av.checkpoint.mtp.event

F-Secure Internet Gatekeeper

  • av.fsecure.igk.access

McAfee ePolicy Orchestrator (McAfee ePO)

  • av.mcafee.epo.agent
  • av.mcafee.epo.endpointsecurity
  • av.mcafee.epo.virusscan

Check more info about these parsers

SentinelOne Endpoint Protection Platform (EPP)

  • av.sentinelone.events

Sophos AntiVirus

  • av.sophos.applicationcontrol
  • av.sophos.devicecontrol 
  • av.sophos.enterprise
  • av.sophos.events
  • av.sophos.tamperprotection 
  • av.sophos.threatinstances 
  • av.sophos.threats 

Check more info about these parsers


Symantec Endpoint Protection

  • av.symantec.sep.mail

Symantec Endpoint Protection Cloud

  • av.symantec.sepc.events

Deep Security Software

  • av.trendmicro.deepsec.agent
  • av.trendmicro.deepsec.console
  • av.trendmicro.deepsec.manager

InterScan Web Security Virtual Appliance

  • av.trendmicro.iwsva.event