tm-v1-schema

Mobile Network Security

Layer: Network

This documentation provides detailed information about all fields available for Mobile Network Security.

Field Name Type Searchable General Field Description Example Products
act dynamic true - The actions taken to mitigate the event
  • log
  • isolate
  • terminate
  • not blocked
  • Block
  • No action
  • Reset
  • Pass
  • User Decision
  • Trend Vision One Container Security
  • Trend Micro Deep Discovery Inspector
  • Network Sensor
  • Trend Micro Apex One as a Service
  • Trend Cloud One - Endpoint & Workload Security
  • Trend Micro Cloud App Security
  • TippingPoint Security Management System
  • Endpoint Sensor
  • Trend Micro Web Security
  • Trend Micro Email Security
  • Trend Micro Deep Security
  • Trend Cloud One - Network Security
  • Zero Trust Secure Access - Internet Access
  • TXOne EdgeOne
  • Zero Trust Secure Access - Private Access
  • Email Sensor
  • Trend Vision One Mobile Security
  • Mobile Network Security
  • Agentless Vulnerability & Threat Detection
category string true - The event category
  • Exploits
  • Reconnaissance
  • Vulnerabilities
  • Security Policy
  • TippingPoint Security Management System
  • Mobile Network Security
  • Trend Cloud One - Endpoint & Workload Security
cnt string true - The total number of logs
  • 1
  • 2
  • 3
  • Trend Micro Deep Discovery Inspector
  • Network Sensor
  • TXOne EdgeOne
  • Mobile Network Security
dhost string true DomainName The destination hostname 10.10.10.10
  • Trend Micro Deep Discovery Inspector
  • Network Sensor
  • Mobile Network Security
dOSClass string true - The destination device OS class Linux Mobile Network Security
dOSName string true - The destination host OS
  • Windows
  • Windows 10
  • Android
  • Trend Micro Deep Discovery Inspector
  • Network Sensor
  • Mobile Network Security
dOSVendor string true - The destination device OS vendor Others Mobile Network Security
dpt int true Port The destination port
  • 445
  • 80
  • Trend Micro Deep Discovery Inspector
  • Network Sensor
  • Trend Micro Apex One as a Service
  • Trend Cloud One - Endpoint & Workload Security
  • TippingPoint Security Management System
  • Trend Micro Deep Security
  • Trend Cloud One - Network Security
  • Endpoint Sensor
  • TXOne EdgeOne
  • Zero Trust Secure Access - Private Access
  • Trend Vision One Container Security
  • Mobile Network Security
dst dynamic true
  • IPv4
  • IPv6
 The destination IP 10.10.10.10
  • Trend Micro Deep Discovery Inspector
  • Network Sensor
  • Trend Micro Apex One as a Service
  • Trend Cloud One - Endpoint & Workload Security
  • TippingPoint Security Management System
  • Trend Micro Deep Security
  • Trend Cloud One - Network Security
  • Endpoint Sensor
  • Zero Trust Secure Access - Internet Access
  • TXOne EdgeOne
  • Zero Trust Secure Access - Private Access
  • Trend Vision One Container Security
  • Mobile Network Security
dstEquipmentId string true - The destination IMEI 350548054087659 Mobile Network Security
dstFamily string true - The destination device family Computer Mobile Network Security
dstGroup string true - The group name defined by the administrator of the destination
  • Default
  • Data Center Services DL_Deployed Block
  • Rede Wifi Visitantes-Pacientes
  • Trend Micro Deep Discovery Inspector
  • Network Sensor
  • Mobile Network Security
dstSubscriberDirNum string true - The destination MSISDN 8618687654321 Mobile Network Security
dstSubscriberId string true - The destination IMSI 466686007810478 Mobile Network Security
dstType string true - The destination device type Desktop/Laptop Mobile Network Security
eventId string true - The event ID from the logs of each product
  • 100100
  • 100101
  • 100116
  • 100117
  • 100119
  • Trend Cloud One - Endpoint & Workload Security
  • Trend Micro Deep Discovery Inspector
  • Network Sensor
  • Trend Micro Apex One as a Service
  • Trend Micro Deep Security
  • Trend Micro Cloud App Security
  • Endpoint Sensor
  • Trend Micro Email Security
  • TXOne StellarOne
  • Trend Vision One Container Security
  • Email Sensor
  • File Security
  • File Security Storage
  • Agentless Vulnerability & Threat Detection
  • Trend Vision One Mobile Security
  • Mobile Network Security
  • Data Detection and Response
eventName string true - The event type
  • LOG_INSPECTION_EVENT
  • SECURITY_RISK_DETECTION
  • WEB_THREAT_DETECTION
  • LOG_INSPECTION_EVENT
  • MALWARE_DETECTION
  • PROCESS_ACTIVITY
  • WEB_POLICY_VIOLATION
  • DEEP_PACKET_INSPECTION_EVENT
  • INTEGRITY_MONITORING_EVENT
  • DISRUPTIVE_APPLICATION_DETECTION
  • PRODUCT_SUMMARY
  • PRODUCT_UPDATE
  • BEHAVIORAL_VIOLATION
  • FIREWALL_POLICY_VIOLATION
  • SUSPICIOUS_BEHAVIOUR_DETECTION
  • DENYLIST_CHANGE
  • MACHINE_LEARNING_DETECTION
  • DLP_VIOLATION
  • MALWARE_OUTBREAK_DETECTION
  • SENSITIVE_DATA_DETECTION
  • Trend Cloud One - Endpoint & Workload Security
  • Trend Micro Deep Discovery Inspector
  • Network Sensor
  • Trend Micro Apex One as a Service
  • Trend Micro Deep Security
  • TippingPoint Security Management System
  • Trend Micro Cloud App Security
  • Trend Micro Email Security
  • Endpoint Sensor
  • Trend Cloud One - Network Security
  • Zero Trust Secure Access - Internet Access
  • TXOne EdgeOne
  • Zero Trust Secure Access - Private Access
  • TXOne StellarOne
  • Email Sensor
  • File Security
  • File Security Storage
  • Agentless Vulnerability & Threat Detection
  • Trend Vision One Mobile Security
  • Mobile Network Security
  • Data Detection and Response
icmpCode int true - The ICMP protocol code field 0 Mobile Network Security
icmpType int true - The ICMP protocol type
  • 3
 Mobile Network Security
instanceId string true - The ID of the instance that indicates the meta-cloud or data center VM
  • 52294e7b-f732-c6e9-b2c3-7a6b6f50d101
  • 00030912-c5e7-4348-9012-7c684751c531
  • 0008ae58-db0c-34ee-3e5c-5dfc9b10a739
  • i-0b22a22eec53b9321
  • /subscriptions/bae4f362-e3a0-482f-ba7a-f883d8b410ce/resourceGroups/avtd-csf-sg-lzniibr0/providers/Microsoft.Compute/virtualMachines/avtd-csf-scanner-lzniibr0
  • ocid1.instance.oc1.us-ashburn-1.an2g6ljrgs553pqcjuokzvvwpmwxh564f6f5sx3jpi2sowt6as44uejmsrzq
  • Trend Micro Apex One as a Service
  • Endpoint Sensor
  • Trend Cloud One - Endpoint & Workload Security
  • Agentless Vulnerability & Threat Detection
  • Mobile Network Security
instanceName string true - The name of the instance that indicates the meta-cloud or data center VM instapecot-1 Mobile Network Security
malSrc string true FileFullPath The malware infection source
  • \\10.172.1.33\kortiz
  • \\10.240.0.148\wbind
  • \\10.240.1.69\MT26933059
  • Trend Micro Apex One as a Service
  • Mobile Network Security
policyName string true - The name of the triggered policy
  • Steelcase
  • Cabot
  • Tigre - Medium Policy
  • apiPostedPolicy
  • Trend Micro Apex One as a Service
  • Trend Micro Cloud App Security
  • Trend Micro Web Security
  • Trend Micro Email Security
  • Zero Trust Secure Access - Internet Access
  • TXOne EdgeOne
  • Trend Vision One Container Security
  • Mobile Network Security
proto string true - The exploited layer network protocol
  • 6
  • TCP
  • 17
  • Trend Cloud One - Endpoint & Workload Security
  • Trend Micro Deep Security
  • TXOne EdgeOne
  • Trend Vision One Container Security
  • Mobile Network Security
ruleId int true - The rule ID
  • 1002795
  • 1003802
  • Trend Cloud One - Endpoint & Workload Security
  • Trend Micro Deep Discovery Inspector
  • Network Sensor
  • Trend Micro Deep Security
  • Trend Micro Apex One as a Service
  • Mobile Network Security
ruleId64 long true - The IPS rule ID
  • 1134268
  • 4026531849
  • 4026531852
  • TXOne EdgeOne
  • Mobile Network Security
ruleName string true - The name of the rule that triggered the event
  • Directory Server - Microsoft Windows Active Directory
  • Microsoft Windows Events
  • Microsoft Windows Security Events - 3
  • (T1234) New executable created (chmod)
  • Sensitive Files Upload to Personal Cloud
  • Multiple Sensitive Files Compression
  • Transfer Sensitive Files to Removable Storage
  • Move Multiple Sensitive Files to Central Location
  • Multiple Sensitive Files Modification
  • Multiple Sensitive Files Deletion
  • GEN_CCFR_OVERLAY_TEST.A
  • Trend Cloud One - Endpoint & Workload Security
  • Trend Micro Deep Discovery Inspector
  • Network Sensor
  • Trend Micro Apex One as a Service
  • Trend Micro Deep Security
  • Trend Micro Cloud App Security
  • TippingPoint Security Management System
  • Endpoint Sensor
  • Trend Micro Email Security
  • Trend Cloud One - Network Security
  • Zero Trust Secure Access - Private Access
  • Trend Vision One Container Security
  • Email Sensor
  • Mobile Network Security
  • Data Detection and Response
severity int true - The severity of the event
  • 2
  • 4
  • 6
  • 8
  • Trend Cloud One - Endpoint & Workload Security
  • Trend Micro Deep Discovery Inspector
  • Network Sensor
  • Trend Micro Deep Security
  • Trend Micro Apex One as a Service
  • TippingPoint Security Management System
  • Trend Cloud One - Network Security
  • Trend Vision One Container Security
  • Mobile Network Security
shost string true DomainName The source hostname
  • dns.google
  • sw_us-east-1a_10-124-17-69
  • sw_us-east-1c_10-124-21-139
  • Trend Cloud One - Endpoint & Workload Security
  • Trend Micro Deep Discovery Inspector
  • Network Sensor
  • Trend Micro Deep Security
  • Mobile Network Security
sOSClass string true - The source device OS class Linux Mobile Network Security
sOSName string true - The source OS
  • Windows
  • Windows 10
  • Windows XP
  • Trend Micro Deep Discovery Inspector
  • Network Sensor
  • Mobile Network Security
sOSVendor string true - The source device OS vendor Others Mobile Network Security
spt int true Port The source port
  • 53
  • 7680
  • Trend Micro Deep Discovery Inspector
  • Network Sensor
  • Trend Micro Apex One as a Service
  • Trend Cloud One - Endpoint & Workload Security
  • TippingPoint Security Management System
  • Trend Micro Deep Security
  • Trend Cloud One - Network Security
  • Endpoint Sensor
  • TXOne EdgeOne
  • Zero Trust Secure Access - Private Access
  • Trend Vision One Container Security
  • Mobile Network Security
src dynamic true
  • IPv4
  • IPv6
 The source IP 10.10.10.10
  • Trend Micro Deep Discovery Inspector
  • Network Sensor
  • Trend Micro Apex One as a Service
  • Trend Cloud One - Endpoint & Workload Security
  • TippingPoint Security Management System
  • Trend Micro Deep Security
  • Trend Cloud One - Network Security
  • Endpoint Sensor
  • Zero Trust Secure Access - Internet Access
  • TXOne EdgeOne
  • Zero Trust Secure Access - Private Access
  • Trend Vision One Container Security
  • Mobile Network Security
srcEquipmentId string true - The source IMEI 350548054087659 Mobile Network Security
srcFamily string true - The source device family Computer Mobile Network Security
srcGroup string true - The group named defined by the source administrator
  • Default
  • Rede DATACENTER example/example - AD example CORP
  • Trend Micro Deep Discovery Inspector
  • Network Sensor
  • Mobile Network Security
srcSubscriberDirNum string true - The source MSISDN 8618687654321 Mobile Network Security
srcSubscriberId string true - The source IMSI 466686007810478 Mobile Network Security
srcType string true - The source device type Desktop/Laptop Mobile Network Security
vLANId int false - The virtual LAN ID -
  • Trend Micro Deep Discovery Inspector
  • Network Sensor
  • TXOne EdgeOne
  • Mobile Network Security

Field Statistics

Generated by XDR Common Schema Public Doc Generator V2

This site is open source. Improve this page.