Symantec 10521146 Administration Guide - Page 329
Table B-2, Field Name, Description, Notes, Oracle Event Table
UPC - 037648268134
Page 329 highlights
SQL reference
Using Oracle tables

Table B-2 Oracle Event Table

| Field Name | Type | Description | Notes |
|---|---|---|---|
| atkproc | varchar(3000) | Indicates the process name of the attacker, or blank if not applicable. | |
| atkuser | varchar(255) | Indicates the username of the attacker, or blank if not applicable. | |
| class | varchar(33) | Indicates the event class. | sniffer - for security events; generic - for operational events, etc. |
| clusterID | integer | Indicates the user-defined Network Security cluster ID where the incident originated. | |
| contextBuffer | varchar(512) | Indicates additional information sent by the sensor. Not every event will have context information. | Example: For HTTP events, this may be a URL. For FTP events, this may be a username. |
| contextDesc | varchar(512) | Indicates the description of the data in contextBuffer. | Base-64 encoded. |
| crtTime | integer | Indicates the time when this event was realized in the Analysis Framework. | Standard UNIX time format (seconds since 1970 GMT) |
| custID | varchar(41) | Indicates the Customer ID that this event is associated with. | |
| dips | varchar(195) | Indicates a list of destination IPs for this event. | |
| dst_etheraddr | varchar(33) | Indicates the destination ethernet address. | |
| dvName | varchar(41) | Indicates the name of the network device where the event was detected. | |
| endTime | integer | Indicates the end time for this event, according to the sensor. | Standard UNIX time format. |
| eventCode | varchar(65) | Indicates the Symantec standard code representing the event. | |
| eventNum | integer | Indicates the event number for this incident. | The first event in an incident will have an eventNum of 1. The eventNum will be incremented by 1 for each subsequent event. |