
edr.superna

Introduction

Tags beginning with edr.superna identify the events generated by Superna.

Tag structure

The full tag must have 4 levels. The first two are fixed as edr.superna. The third level identifies the type of events sent, and the fourth level indicates the event subtype.

| Product / Services | Tags | Data tables |
|---|---|---|
| Superna Eyeglass Ransomware Defender | edr.superna.ransomware_defender.alarms | edr.superna.ransomware_defender.alarms |
| Superna Eyeglass Ransomware Defender | edr.superna.ransomware_defender.events | edr.superna.ransomware_defender.events |

For more information, read more about Devo tags.

Table structure

These are the fields displayed in these tables:

edr.superna.ransomware_defender.alarms

| Field | Type | Extra fields |
|---|---|---|
| eventdate | timestamp | |
| hostname | str | |
| timestamp | timestamp | |
| aid | str | |
| port | str | |
| type | str | |
| entity_type | str | |
| extra_data | str | |
| description | str | |
| severity | str | |
| impact | str | |
| category | str | |
| hostchain | str | ✓ |
| tag | str | ✓ |
| rawMessage | str | ✓ |

edr.superna.ransomware_defender.events

| Field | Type | Extra fields |
|---|---|---|
| eventdate | timestamp | |
| hostname | str | |
| timestamp | str | |
| structured_data | str | |
| message | str | |
| hostchain | str | ✓ |
| tag | str | ✓ |
| rawMessage | str | ✓ |