threat

Event fields used to define and normalize metadata about threats in a network.

Attributes

| Name | Type | Description | Sample Value |
| --- | --- | --- | --- |
| threat_category | string | The category of a threat identified by a security system, such as a Web Security Gateway or an IPS, that is associated with this network session. | Trojan |
| threat_id | string | The ID of a threat identified by a security system, such as a Web Security Gateway or an IPS, that is associated with this network session. | Tr.124 |
| threat_name | string | The name of the threat or malware identified. | EICAR Test File |