threat
Contents
threat¶
Event fields used to define/normalize metadata about threats in an network.
Attributes¶
Name |
Type |
Description |
Sample Value |
|---|---|---|---|
threat_category |
string |
Trojan The category of a threat identified by a security system such as Web Security Gateway of an IPS and is associated with this network session. |
|
threat_id |
string |
The ID of a threat identified by a security system such as Web Security Gateway of an IPS and is associated with this network session. |
|
threat_name |
string |
The name of the threat or malware identified |
|