Get the PDF

CylanceOPTICS
detection events

This option is visible only to users who have

CylanceOPTICS

enabled.

CylanceOPTICS

events represent malicious or suspicious events detected by the

CylanceOPTICS

Context Analysis Engine (CAE). Selecting this option will send a message to the syslog server whenever an applicable

CylanceOPTICS

detection rule or threat detection module is triggered on a

CylanceOPTICS

device. Selecting this option will enable syslog messages for the following detection event types: process events, file events, registry events, network events, and memory events.

Due to the volume of information included in

CylanceOPTICS

detection events, the syslog representation of a detection event is reduced in size, and it does not contain the full set of information that is available from the management console or the API.

CylanceOPTICS process-based detection events

CylanceOPTICS file-based detection events

CylanceOPTICS registry-based detection events

CylanceOPTICS network-based detection events

CylanceOPTICS memory-based detection events

CylanceOPTICS DNS-based detection events

CylanceOPTICS log-based detection events

CylanceOPTICS PowerShell trace detection events

CylanceOPTICS WMI-based detection events

CylanceOPTICS API sensor detection events

CylanceOPTICS COM object visibility detection events

CylanceOPTICS HTTP visibility detection events