Document toolboxDocument toolbox

av - Antivirus

This group includes tables that start with the level av. These tables receive data generated by antivirus and protection software.

Company

Product / Service

Data tables

Company

Product / Service

Data tables

-

-

  • av.all.threats

Union table - av.all.threats

This is a union table that collects events from a set of tables for easy access and analysis.

Learn more about this union table in this article.

Mobile Threat Prevention 

  • av.checkpoint.mtp.audit

  • av.checkpoint.mtp.event

More information

F-Secure Internet Gatekeeper

  • av.fsecure.igk.access

More information

McAfee ePolicy Orchestrator (McAfee ePO)

  • av.mcafee.epo.agent

  • av.mcafee.epo.dlp

  • av.mcafee.epo.endpointsecurity

  • av.mcafee.epo.events

  • av.mcafee.epo.threat

  • av.mcafee.epo.virusscan

More information

SentinelOne Endpoint Protection Platform (EPP)

  • av.sentinelone.events

  • av.sentinelone.rfc_5424

More information

Sophos AntiVirus

  • av.sophos

  • av.sophos.applicationcontrol

  • av.sophos.devicecontrol 

  • av.sophos.enterprise

  • av.sophos.events

  • av.sophos.tamperprotection 

  • av.sophos.threatinstances 

  • av.sophos.threats

More information

Symantec Data Center Security: Server Advanced

  • av.symantec.dcs_sa.auditing

  • av.symantec.dcs_sa.events

More information

Symantec Endpoint Protection

  • av.symantec.sep.mail

More information

Symantec Endpoint Protection Cloud

  • av.symantec.sepc.events

More information

Trend Micro Deep Security

  • av.trendmicro.deepsec.agent

  • av.trendmicro.deepsec.alerts

  • av.trendmicro.deepsec.antimalwareevents

  • av.trendmicro.deepsec.console

  • av.trendmicro.deepsec.firewallevents

  • av.trendmicro.deepsec.integrityevents

  • av.trendmicro.deepsec.manager

More information

Trend Micro InterScan Web Security Virtual Appliance (IWSVA)

  • av.trendmicro.iwsva.event

More information