tm-v1-schema

TXOne EdgeOne

Layer: Others

This documentation provides detailed information about all fields available for TXOne EdgeOne.

Field Name	Type	Searchable	General Field	Description	Example	Products
act	dynamic	true	-	The actions taken to mitigate the event	log isolate terminate not blocked Block No action Reset Pass User Decision	Trend Vision One Container Security Trend Micro Deep Discovery Inspector Network Sensor Trend Micro Apex One as a Service Trend Cloud One - Endpoint & Workload Security Trend Micro Cloud App Security TippingPoint Security Management System Endpoint Sensor Trend Micro Web Security Trend Micro Email Security Trend Micro Deep Security Trend Cloud One - Network Security Zero Trust Secure Access - Internet Access TXOne EdgeOne Zero Trust Secure Access - Private Access Email Sensor Trend Vision One Mobile Security Mobile Network Security Agentless Vulnerability & Threat Detection
cnt	string	true	-	The total number of logs	1 2 3	Trend Micro Deep Discovery Inspector Network Sensor TXOne EdgeOne Mobile Network Security
direction	string	true	-	The direction	Incoming Outgoing Unknown	Trend Micro Apex One as a Service TXOne EdgeOne
dmac	string	true	-	The MAC address of the destination IP (dest_ip)	00:00:00:00:00:00 ff:ff:ff:ff:ff:ff	Trend Micro Deep Discovery Inspector Network Sensor Trend Micro Apex One as a Service Trend Cloud One - Endpoint & Workload Security Trend Micro Deep Security TXOne EdgeOne
dpt	int	true	Port	The destination port	445 80	Trend Micro Deep Discovery Inspector Network Sensor Trend Micro Apex One as a Service Trend Cloud One - Endpoint & Workload Security TippingPoint Security Management System Trend Micro Deep Security Trend Cloud One - Network Security Endpoint Sensor TXOne EdgeOne Zero Trust Secure Access - Private Access Trend Vision One Container Security Mobile Network Security
dst	dynamic	true	IPv4 IPv6	The destination IP	10.10.10.10	Trend Micro Deep Discovery Inspector Network Sensor Trend Micro Apex One as a Service Trend Cloud One - Endpoint & Workload Security TippingPoint Security Management System Trend Micro Deep Security Trend Cloud One - Network Security Endpoint Sensor Zero Trust Secure Access - Internet Access TXOne EdgeOne Zero Trust Secure Access - Private Access Trend Vision One Container Security Mobile Network Security
endpointIp	dynamic	true	IPv4 IPv6	The IP address of the endpoint on which the event was detected	10.10.10.10	Trend Cloud One - Endpoint & Workload Security Trend Micro Deep Security Trend Micro Apex One as a Service TippingPoint Security Management System Trend Cloud One - Network Security TXOne EdgeOne Agentless Vulnerability & Threat Detection Data Detection and Response
endpointMacAddress	string	true	-	The MAC address of endpoint	00:00:00:00:00:00 ff:ff:ff:ff:ff:ff	Trend Micro Apex One as a Service TXOne EdgeOne TXOne StellarOne
eventName	string	true	-	The event type	LOG_INSPECTION_EVENT SECURITY_RISK_DETECTION WEB_THREAT_DETECTION LOG_INSPECTION_EVENT MALWARE_DETECTION PROCESS_ACTIVITY WEB_POLICY_VIOLATION DEEP_PACKET_INSPECTION_EVENT INTEGRITY_MONITORING_EVENT DISRUPTIVE_APPLICATION_DETECTION PRODUCT_SUMMARY PRODUCT_UPDATE BEHAVIORAL_VIOLATION FIREWALL_POLICY_VIOLATION SUSPICIOUS_BEHAVIOUR_DETECTION DENYLIST_CHANGE MACHINE_LEARNING_DETECTION DLP_VIOLATION MALWARE_OUTBREAK_DETECTION SENSITIVE_DATA_DETECTION	Trend Cloud One - Endpoint & Workload Security Trend Micro Deep Discovery Inspector Network Sensor Trend Micro Apex One as a Service Trend Micro Deep Security TippingPoint Security Management System Trend Micro Cloud App Security Trend Micro Email Security Endpoint Sensor Trend Cloud One - Network Security Zero Trust Secure Access - Internet Access TXOne EdgeOne Zero Trust Secure Access - Private Access TXOne StellarOne Email Sensor File Security File Security Storage Agentless Vulnerability & Threat Detection Trend Vision One Mobile Security Mobile Network Security Data Detection and Response
filterName	string	true	-	The filter name	ConnectionFilter Virtual Analyzer Data Loss Prevention	Trend Micro Cloud App Security Trend Micro Email Security Trend Micro Apex One as a Service TXOne EdgeOne
filterType	string	true	-	The filter type	Spam filter Size filter	Trend Micro Apex One as a Service TXOne EdgeOne
hostName	string	true	DomainName HostDomain	The computer name of the client host (The hostname from the suspicious URL detected by Deep Discovery Inspector)	Let's Encrypt 10.10.10.10	Trend Micro Deep Discovery Inspector Network Sensor Trend Cloud One - Endpoint & Workload Security Trend Micro Deep Security TXOne EdgeOne
interestedIp	dynamic	true	IPv4 IPv6	The IP of the interestedHost	10.10.10.10	Trend Cloud One - Endpoint & Workload Security Trend Micro Deep Discovery Inspector Network Sensor Trend Micro Deep Security Trend Micro Apex One as a Service TippingPoint Security Management System Trend Cloud One - Network Security TXOne EdgeOne
interestedMacAddress	string	true	-	The MAC address identified as the log owner's	00:00:00:00:00:00 ff:ff:ff:ff:ff:ff	Trend Micro Apex One as a Service Trend Micro Deep Discovery Inspector Network Sensor TXOne EdgeOne
majorVirusType	string	true	-	The virus type	Virus Suspicious Activity Trojan TROJ	Trend Micro Deep Security Trend Cloud One - Endpoint & Workload Security Trend Vision One Mobile Security TXOne EdgeOne TXOne StellarOne File Security Storage
policyName	string	true	-	The name of the triggered policy	Steelcase Cabot Tigre - Medium Policy apiPostedPolicy	Trend Micro Apex One as a Service Trend Micro Cloud App Security Trend Micro Web Security Trend Micro Email Security Zero Trust Secure Access - Internet Access TXOne EdgeOne Trend Vision One Container Security Mobile Network Security
proto	string	true	-	The exploited layer network protocol	6 TCP 17	Trend Cloud One - Endpoint & Workload Security Trend Micro Deep Security TXOne EdgeOne Trend Vision One Container Security Mobile Network Security
remarks	string	true	-	The additional information	warning: fork: Resource temporarily unavailable pam_unix(cron:session): session opened for user root by (uid=0) WinEvtLog: Application: AUDIT_FAILURE(18470): MSSQL$SA: (no user): no domain: EXAMPLE.com: Login failed for user 'example_user'. Reason: The account is disabled. [CLIENT: 10.10.10.10]	Trend Cloud One - Endpoint & Workload Security Trend Micro Deep Discovery Inspector Network Sensor Trend Micro Deep Security Trend Micro Cloud App Security Trend Micro Apex One as a Service Trend Micro Email Security Trend Cloud One - Network Security TXOne EdgeOne Email Sensor File Security Agentless Vulnerability & Threat Detection
ruleId64	long	true	-	The IPS rule ID	1134268 4026531849 4026531852	TXOne EdgeOne Mobile Network Security
smac	string	true	-	The source MAC address	00:11:22:33:44:55 66:77:88:99:AA:BB CC:DD:EE:FF:00:11	Trend Micro Deep Discovery Inspector Network Sensor Trend Micro Apex One as a Service Trend Cloud One - Endpoint & Workload Security Trend Micro Deep Security TXOne EdgeOne
spt	int	true	Port	The source port	53 7680	Trend Micro Deep Discovery Inspector Network Sensor Trend Micro Apex One as a Service Trend Cloud One - Endpoint & Workload Security TippingPoint Security Management System Trend Micro Deep Security Trend Cloud One - Network Security Endpoint Sensor TXOne EdgeOne Zero Trust Secure Access - Private Access Trend Vision One Container Security Mobile Network Security
src	dynamic	true	IPv4 IPv6	The source IP	10.10.10.10	Trend Micro Deep Discovery Inspector Network Sensor Trend Micro Apex One as a Service Trend Cloud One - Endpoint & Workload Security TippingPoint Security Management System Trend Micro Deep Security Trend Cloud One - Network Security Endpoint Sensor Zero Trust Secure Access - Internet Access TXOne EdgeOne Zero Trust Secure Access - Private Access Trend Vision One Container Security Mobile Network Security
vLANId	int	false	-	The virtual LAN ID	-	Trend Micro Deep Discovery Inspector Network Sensor TXOne EdgeOne Mobile Network Security

Field Statistics

• Total Fields: 23
• Layer: Others
• Product: TXOne EdgeOne

---

Generated by XDR Common Schema Public Doc Generator V2

This site is open source. Improve this page.