CylanceOPTICS detection event details
The CylanceOPTICS detection event details provide the following information.
Item | Description |
---|---|
Name | The name of the event |
Severity | The severity level of the event |
Detection started | The date and time the detection started collecting data for the event |
Detection occurred | The date and time the detection event occurred |
Detection received | The date and time the detection event was sent to the console |
Instigating process | The process that triggered the detection |
Target object | The object targeted by the instigating process |
Rule name | The name of the rule that triggered the detection |
Rule category | The category the rule belongs to |
Rule description | The description for the rule |
Rule policy group | The ruleset the rule belongs to |
Detector | The product feature that detected the event |
Device ID (Impacted) | The unique console ID for the device |
Logged on users | A list of users logged on to the impacted device |
Applied exceptions | A list of exceptions applied to the detection event |
Associated artifacts | The JSON content of the detection rule |
Trace | The JSON content for the sensor of the rule |
Responses | The JSON of any actions taken by the rule |