| Key |
Description |
Example |
|---|---|---|
| process_id |
Process doc identifier. |
00000064-0000-07f0-01d2-8e03fc88f25e |
| report_id |
ID of the report that was matched. |
report_01 |
| ioc_type |
Type of the IOC that was matched. |
dns |
| ioc_value |
IOC value that was matched. |
www.google.com |
| ioc_attr |
Additional attributes on the IOC value that were matched. |
{port:80, protocol:tcp, direction:‘Outbound’} |
| hostname |
Hostname of the computer on which the feed hit was detected. |
PANTHER |
| sensor_id |
Sensor ID of the endpoint. |
1 |
| cb_version |
Carbon Black EDR server version. |
5.0.0.140204.501 |
| server_name |
Name of the Carbon Black EDR server. |
cbserver |
| feed_id |
ID of the feed that was matched. |
15 |
| feed_name |
Name of the feed that was matched. |
mdl |
| event_timestamp |
Time of the event. |
1400695113.17 |
