You are viewing an old version of this page. View the current version.
Compare with Current
View Page History
« Previous
Version 8
Next »
This group includes tags that start with the level ids
. These tags identify data generated by Intrusion Detection Systems (IDS).
Company | Product / service | Valid tags |
---|
| Bricata IDS | ids.bricata.broall ids.bricata.brocata ids.bricata.broconn ids.bricata.burocata ids.bricata.suricata
|
| Bro IDS (now Zeek Network Security Monitor) | ids.bro.captureloss ids.bro.communication ids.bro.conn ids.bro.dhcp ids.bro.dns ids.bro.dpd ids.bro.files ids.bro.ftp ids.bro.http ids.bro.knownhosts ids.bro.knownservices ids.bro.notice ids.bro.reporter ids.bro.snmp ids.bro.software ids.bro.ssh ids.bro.ssl ids.bro.stats ids.bro.weird ids.bro.x509
|
| | |
| ExtraHop solution | ids.extrahop.audit ids.extrahop.detections ids.extrahop.cifs ids.extrahop.crwd ids.extrahop.dhcp ids.extrahop.dns ids.extrahop.ftp ids.extrahop.http ids.extrahop.kerberos ids.extrahop.ldap ids.extrahop.llmnr ids.extrahop.mongodb ids.extrahop.nfs ids.extrahop.ntlm ids.extrahop.rdp ids.extrahop.rfb ids.extrahop.rpc ids.extrahop.ssh ids.extrahop.ssl ids.extrahop.telnet ids.extrahop.flow
|
| Huawei NIP intrusion detection system (IDS) | ids.huawei.nip.assoc ids.huawei.nip.atk ids.huawei.nip.iprpu
|
| Juniper SRX Firewall | |
| Resevoir R-Scope Advanced Threat Detection | ids.rscope.communication ids.rscope.conn ids.rscope.dce_rpc ids.rscope.dhcp ids.rscope.dns ids.rscope.dpd ids.rscope.files ids.rscope.ftp ids.rscope.http ids.rscope.intel ids.rscope.irc ids.rscope.kerberos ids.rscope.known_hosts ids.rscope.known_services ids.rscope.modbus ids.rscope.mysql ids.rscope.notice ids.rscope.ntlm ids.rscope.pe ids.rscope.protocolstats_orig ids.rscope.protocolstats_resp ids.rscope.radius ids.rscope.rdp ids.rscope.removed_files ids.rscope.reporter ids.rscope.rfb ids.rscope.rscopestats-byte ids.rscope.rscopestats-core ids.rscope.rscopestats-misc ids.rscope.rscopestats-pckt ids.rscope.rscopestats-port ids.rscope.rscopestats-sys ids.rscope.sip ids.rscope.smb_files ids.rscope.smb_mapping ids.rscope.smtp ids.rscope.snmp ids.rscope.socks ids.rscope.software ids.rscope.ssh ids.rscope.ssl ids.rscope.stats ids.rscope.stderr ids.rscope.stdout ids.rscope.syslog ids.rscope.tunnel ids.rscope.weird ids.rscope.x509
|
| Snort Intrusion Detection (Open source) | |
| Suricata threat detection engine | ids.suricata.dns ids.suricata.events ids.suricata.fast ids.suricata.files ids.suricata.http ids.suricata.stdout
|