edr.superna

[ 1 Introduction ] [ 2 Tag structure ] [ 3 Table structure ]

Introduction

The tags begin with edr.superna identify the events generated by Superna.

Tag structure

The full tag must have 4 levels. The first two are fixed as edr.superna. The third level identifies the type of events sent, and the fourth level indicates the event subtype.

Product / Services	Tags	Data tables

Product / Services	Tags	Data tables
Superna Eyeglass Ransomware Defender	`edr.superna.ransomware_defender.alarms`	`edr.superna.ransomware_defender.alarms`
Superna Eyeglass Ransomware Defender	`edr.superna.ransomware_defender.events`	`edr.superna.ransomware_defender.events`

For more information, read more about Devo tags.

Table structure

These are the fields displayed in these tables:

edr.superna.ransomware_defender.alarms
edr.superna.ransomware_defender.events

edr.superna.ransomware_defender.alarms

Field	Type	Extra fields

Field	Type	Extra fields
eventdate	`timestamp`
hostname	`str`
timestamp	`timestamp`
aid	`str`
port	`str`
type	`str`
entity_type	`str`
extra_data	`str`
description	`str`
severity	`str`
impact	`str`
category	`str`
hostchain	`str`	✓
tag	`str`	✓
rawMessage	`str`	✓

edr.superna.ransomware_defender.events

Field	Type	Extra fields

Field	Type	Extra fields
eventdate	`timestamp`
hostname	`str`
timestamp	`str`
structured_data	`str`
message	`str`
hostchain	`str`	✓
tag	`str`	✓
rawMessage	`str`	✓