edr.superna
Introduction
Tags beginning with edr.superna identify the events generated by Superna.
Tag structure
The full tag must have 4 levels. The first two are fixed as edr.superna. The third level identifies the type of events sent, and the fourth level indicates the event subtype.
Product / Services | Tags | Data tables |
---|---|---|
Superna Eyeglass Ransomware Defender | | |
For more information, read more about Devo tags.
Table structure
These are the fields displayed in these tables:
edr.superna.ransomware_defender.alarms
Field | Type | Extra fields |
---|---|---|
eventdate | | |
hostname | | |
timestamp | | |
aid | | |
port | | |
type | | |
entity_type | | |
extra_data | | |
description | | |
severity | | |
impact | | |
category | | |
hostchain | | ✓ |
tag | | ✓ |
rawMessage | | ✓ |
edr.superna.ransomware_defender.events
Field | Type | Extra fields |
---|---|---|
eventdate | | |
hostname | | |
timestamp | | |
structured_data | | |
message | | |
hostchain | | ✓ |
tag | | ✓ |
rawMessage | | ✓ |