Field Name |
General Field |
Description |
Sample |
---|---|---|---|
endpointGuid |
EndpointID |
Host GUID of the endpoint on which the event was detected |
|
endpointHostName |
EndpointName |
Host Name of the endpoint on which the event was detected |
|
endpointIp |
|
IP address of the endpoint on which the event was detected |
|
endpointModel |
- |
Model of the endpoint on which the event was detected |
|
osName |
- |
Operating system of the endpoint on which the event was detected |
|
osVer |
- |
Operating system version of the endpoint on which the event was detected |
|
eventId |
- |
Event type |
|
eventSubId |
- |
Access type of an event |
|
firstSeen |
- |
Time recorded when the agent detected the event |
|
logonUser |
UserAccount |
The logon user name |
|
userType |
UserType |
MDM solution that the customer is using |
|
pname |
- |
Product name |
|
pver |
- |
Product version |
|
Field Name |
General Field |
Description |
Sample |
---|---|---|---|
objectAppPackageName |
- |
Name of the app package that the agent detected |
|
objectAppInstalledTime |
- |
Installation time of the app that the agent detected |
|
objectAppLabel |
- |
Label of the app that the agent detected |
|
objectAppSize |
- |
Size of the app that the agent detected |
|
objectAppIsSystemApp |
- |
Whether the app that the agent detected is a system app |
|
objectAppVerCode |
- |
Version code of the app that the agent detected |
|
objectAppSha256 |
- |
SHA-256 of the app that the agent detected |
|
objectAppPublicKeySha1 |
- |
SHA-1 pubic key of the app that the agent detected |
|
Field Name |
General Field |
Description |
Sample |
---|---|---|---|
request |
URL |
URL that was requested |
|
appLabel |
- |
Label of the app on which the event was detected |
|
appPkgName |
- |
Name of the app package on which the event was detected |
|
appPublicKeySha1 |
- |
SHA-1 public key of the app on which the event was detected |
|
appSize |
- |
Size of the app on which the event was detected |
|
appIsSystem |
- |
Whether the app on which the event was detected is a system app |
|
objectHostName |
- |
Hostname of the requested URL |
|
appVerCode |
- |
Version code of the app on which the event was detected |
|
Field Name |
General Field |
Description |
Sample |
---|---|---|---|
objectSystemEventAttr |
- |
System event that the endpoint triggered |
|
Field Name |
General Field |
Description |
Sample |
---|---|---|---|
objectFilePath |
|
File path of the target process image or file |
|
objectFileSize |
- |
Size of the target process image or file |
|
objectFileCreation |
- |
Creation time of the target process image or file |
|
objectFileModifiedTime |
- |
Modification time of the target process image or file |
|
objectFileHashSha256 |
FileSHA2 |
SHA-256 hash vaule of the target process image or file |
|