Understanding the db_ControlManager Tables

To access all tables in the Control Manager database, use a Microsoft Access project (*.adp /*.ade) or Microsoft SQL Management Studio.

Note:

Do not use any of the SQL tools to add, delete, or modify records without instructions from Trend Micro Technical Support.

The following tables make up the Control Manager database:

Table 1. User/Endpoint Directory Tables

Directory Management Tables

Description

tb_WebSecurityLog

Stores Web access violation logs from products

tb_SecurityLog

Stores Content violation logs received from ScanMail and InterScan Messaging products

tb_LogGeneral

Stores Net packet scanning logs from network-based products such as Deep Discovery Inspector

tb_LogDataLossPrevention

Stores Data Loss Prevention related logs sent/received from products

tb_AV*Log

* corresponds to Virus, Event, StatusEngineInfo, and StatusPatternInfo

Stores product logs

Virus table stores virus/malware incident logs detected by products. Other tables store the product status log as well as the pattern and engine version, update and deploy time, and unhandled virus counts.

tb_SpywareLog

Stores malicious spyware information detected by product

tb_PersonalFirewallLog

Stores personal firewall detection log from OfficeScan

tb_LogBehaviorMonitor

Stores malicious system behavior incident detected by OfficeScan

tb_Network_Content_Inspection_Engine_Log

Stores blocked C&C server connection attempt logs from OfficeScan

tb_FileHashDetectionLog

Stores suspicious file detection logs from managed products

tb_LogIntrusionPrevention

Stores intrusion prevention logs from Deep Security and Vulnerability Protection

tb_MachineLearning_Detection_Log

Stores Predictive Machine Learning detection logs from OfficeScan

tb_ApplicationControlEvent

Stores endpoint application control violation logs from Endpoint Application Control

tb_SandboxDetectionlog

Stores Virtual Analyzer detection logs from managed products

Table 2. Directory Management Tables

Directory Management Tables

Description

CDSM_Entity

Stores the managed product information

CDSM_Agent

Stores Communicator information

CDSM_Registry

Stores registry information

CDSM_UserLog

Stores information as to who, which options, and what time a user accesses the web console; this is useful for auditing web console accesses

CDSM_SystemEventlog

Stores system logs generated by internal processes

Table 3. Server Command Controller Tables

Server Command Controller Tables

Description

tb_TVCSCommandList

Stores managed product commands

tb_TVCSCommandTaskQueue

Stores commands issued to managed products

tb_CommandTracking

Stores command status

tb_CommandItemTracking

Stores detailed command status

tb_ProcessInfo

Stores information for MsgReceiver.exe, CmdProcessor.exe, LogReceiver.exe, LogRetriever.exe, etc.

tb_LoginUserSessionData

Stores user logon session control

tb_ManualDownload

Stores manual download information

tb_ScheduleDownload

Stores scheduled download information

Table 4. Managed Product Tables

Managed Product Tables

Description

tb_EntityInfo

Stores the managed product information

Table 5. Log Tables

Log Tables

Description

tb_TempLog

Stores the raw data of product logs

tb_AV*Log

Stores product log

* corresponds to Virus, Event, Status, PEInfo, WebSecurity.

These tables store the product status log as well as the pattern and engine version, update and deploy time, and the unhandled virus count.

tb_InValidLog

Stores unidentified log information

  • tb_TotalWebSecurityCount

  • tb_TotalVirusCount

  • tb_TotalSecurityCount

  • tb_TopTenSource

  • tb_TopTenDestination

  • tb_TopTenVirus

Stores virus summary information for Status Summary and reports

tb_LogPurgePolicy

Stores purge log settings

tb_LogPurgeCounter

Stores purge log counter

  • tb_InstanceForVirusOutbreak

  • tb_InstanceForSpecialVirus

  • tb_InstanceForVirusOutbreak

Stores log instances used in alert notifications

Table 6. Notification Tables

Notification Tables

Description

  • tb_Alert_NTF_JobList

  • tb_Event_NTF_JobList

Stores notification queue list

tb_EventNotificationFilter

Stores Event Center configuration

  • tb_SendEMailNotification

  • tb_SendSNMPTrapNotification

  • tb_SendWindowsNTEventLogNotification

  • tb_LaunchAProgramNotification

  • tb_SendSysLogNotification

Stores notification method settings

tb_VirusOutBreakPolicy

Stores rules used during virus outbreak

tb_SpecialVirusPolicy

Stores the user specified virus name

  • tb_VirusOutbreakAccumulate

  • tb_SpecialVirusAccumulate

Stores virus counter information

  • tb_UGNtfRelation

  • tb_NtfUserGROUP

  • tb_GroupAndUserRelation

Stores user and group notification settings

Table 7. Report Tables

Report Tables

Description

  • tb_ReportScheduleTask

  • tb_ReportTaskQueue

Stores and handles report generation tasks

tb_ReportItemTracking

Stores report template file catalog

Table 8. Pattern and Engine Deployment Tables

Pattern and Engine Deployment Tables

Description

  • tb_DeploymentPlans

  • tb_DeploymentPlansTF

Stores deployment plan information

tb_DeploymentPlanTasks

Stores deployment task queue

tb_DeployNowJobList

Stores ongoing deployment plan status

tb_DeployCommandTracking

Stores deployment command tracking information

tb_DeploymentPlanTargets

Stores the managed product information that applied the deploy command