TXOne StellarOne

Layer: Others

This documentation provides detailed information about all fields available for TXOne StellarOne.

Each entry gives the Field Name, Type, Searchable, General Field and Description on one line, followed by its Example values and Products.
actResult dynamic true - The result of an action
  Examples:
    • Dropped
    • Successful
    • Accepted
  Products:
    • Trend Micro Apex One as a Service
    • Trend Micro Cloud App Security
    • Trend Cloud One - Endpoint & Workload Security
    • Trend Micro Deep Security
    • TXOne StellarOne
    • Trend Vision One Mobile Security
aggregatedCount string true - The number of aggregated events
  Examples:
    • 1
    • 2
    • 3
  Products:
    • Trend Micro Deep Discovery Inspector
    • Network Sensor
    • Trend Micro Apex One as a Service
    • TippingPoint Security Management System
    • Trend Micro Web Security
    • Trend Cloud One - Network Security
    • Zero Trust Secure Access - Internet Access
    • TXOne StellarOne
    • Data Detection and Response
    • Trend Cloud One - Endpoint & Workload Security
endpointGUID string true EndpointID The GUID of the agent which reported the detection
  Examples:
    • ae4d64aa-f8b8-bb36-b265-f59272ed342f
    • 8fb979f6-1376-bed3-227f-f2886e66194e
    • ca2b3a7e-8415-c571-cc19-e45f69470026
  Products:
    • Trend Cloud One - Endpoint & Workload Security
    • Trend Micro Apex One as a Service
    • Trend Micro Deep Security
    • Endpoint Sensor
    • Zero Trust Secure Access - Internet Access
    • Trend Vision One Mobile Security
    • Zero Trust Secure Access - Private Access
    • TXOne StellarOne
    • Trend Vision One Container Security
    • Data Detection and Response
endpointHostName string true EndpointName The endpoint hostname or node where the event was detected
  Examples:
    • 10.10.10.10 (swpos-aws-aza02) [i-0f0f0f0f0f0f0f0f0]
    • ip-10-10-10-10.us-west-1.compute.internal
  Products:
    • Trend Cloud One - Endpoint & Workload Security
    • Trend Micro Deep Security
    • Trend Micro Apex One as a Service
    • Endpoint Sensor
    • Zero Trust Secure Access - Internet Access
    • Trend Vision One Mobile Security
    • Zero Trust Secure Access - Private Access
    • TXOne StellarOne
    • Trend Vision One Container Security
    • Agentless Vulnerability & Threat Detection
    • Data Detection and Response
endpointMacAddress string true - The MAC address of the endpoint
  Examples:
    • 00:00:00:00:00:00
    • ff:ff:ff:ff:ff:ff
  Products:
    • Trend Micro Apex One as a Service
    • TXOne EdgeOne
    • TXOne StellarOne
eventId string true - The event ID from the logs of each product
  Examples:
    • 100100
    • 100101
    • 100116
    • 100117
    • 100119
  Products:
    • Trend Cloud One - Endpoint & Workload Security
    • Trend Micro Deep Discovery Inspector
    • Network Sensor
    • Trend Micro Apex One as a Service
    • Trend Micro Deep Security
    • Trend Micro Cloud App Security
    • Endpoint Sensor
    • Trend Micro Email Security
    • TXOne StellarOne
    • Trend Vision One Container Security
    • Email Sensor
    • File Security
    • File Security Storage
    • Agentless Vulnerability & Threat Detection
    • Trend Vision One Mobile Security
    • Mobile Network Security
    • Data Detection and Response
eventName string true - The event type
  Examples:
    • LOG_INSPECTION_EVENT
    • SECURITY_RISK_DETECTION
    • WEB_THREAT_DETECTION
    • MALWARE_DETECTION
    • PROCESS_ACTIVITY
    • WEB_POLICY_VIOLATION
    • DEEP_PACKET_INSPECTION_EVENT
    • INTEGRITY_MONITORING_EVENT
    • DISRUPTIVE_APPLICATION_DETECTION
    • PRODUCT_SUMMARY
    • PRODUCT_UPDATE
    • BEHAVIORAL_VIOLATION
    • FIREWALL_POLICY_VIOLATION
    • SUSPICIOUS_BEHAVIOUR_DETECTION
    • DENYLIST_CHANGE
    • MACHINE_LEARNING_DETECTION
    • DLP_VIOLATION
    • MALWARE_OUTBREAK_DETECTION
    • SENSITIVE_DATA_DETECTION
  Products:
    • Trend Cloud One - Endpoint & Workload Security
    • Trend Micro Deep Discovery Inspector
    • Network Sensor
    • Trend Micro Apex One as a Service
    • Trend Micro Deep Security
    • TippingPoint Security Management System
    • Trend Micro Cloud App Security
    • Trend Micro Email Security
    • Endpoint Sensor
    • Trend Cloud One - Network Security
    • Zero Trust Secure Access - Internet Access
    • TXOne EdgeOne
    • Zero Trust Secure Access - Private Access
    • TXOne StellarOne
    • Email Sensor
    • File Security
    • File Security Storage
    • Agentless Vulnerability & Threat Detection
    • Trend Vision One Mobile Security
    • Mobile Network Security
    • Data Detection and Response
eventSubId int true - The access type
  Examples:
    • 4
    • 101
    • 102
  Products:
    • Trend Cloud One - Endpoint & Workload Security
    • TXOne StellarOne
fileName dynamic true FileName The file name
  Examples:
    • spoolss
    • hosts
    • svcrestarttask
  Products:
    • Trend Cloud One - Endpoint & Workload Security
    • Trend Micro Deep Discovery Inspector
    • Network Sensor
    • Trend Micro Apex One as a Service
    • Trend Micro Deep Security
    • Zero Trust Secure Access - Internet Access
    • TXOne StellarOne
    • File Security
    • File Security Storage
    • Agentless Vulnerability & Threat Detection
filePath string true FileFullPath The file path without the file name
  Examples:
    • security
    • /var/log/audit/audit.log
    • application
  Products:
    • Trend Cloud One - Endpoint & Workload Security
    • Trend Micro Deep Security
    • Trend Micro Apex One as a Service
    • Trend Micro Deep Discovery Inspector
    • Network Sensor
    • TXOne StellarOne
    • File Security
    • File Security Storage
filePathName string true FileFullPath The file path with the file name
  Examples:
    • vss
    • spoolss
    • /etc/hosts
  Products:
    • Trend Cloud One - Endpoint & Workload Security
    • Trend Micro Deep Discovery Inspector
    • Network Sensor
    • Trend Micro Deep Security
    • TXOne StellarOne
firstSeen string true - The first time the XDR log appeared
  Examples:
    • 1657195233000
  Products:
    • Trend Micro Cloud App Security
    • TXOne StellarOne
    • Data Detection and Response
fullPath string true FileFullPath The combination of the file path and the file name
  Examples:
    • \etc\hosts
    • c:\windows\system32\tasks\microsoft\windows\softwareprotectionplatform\svcrestarttask
    • \var\log\auth.log
  Products:
    • Trend Cloud One - Endpoint & Workload Security
    • Trend Micro Apex One as a Service
    • Trend Micro Deep Discovery Inspector
    • Network Sensor
    • Trend Micro Deep Security
    • TXOne StellarOne
    • File Security
    • File Security Storage
    • Agentless Vulnerability & Threat Detection
    • Trend Vision One Container Security
lastSeen string true - The last time the XDR log appeared
  Examples:
    • 1657195233000
  Products:
    • Trend Micro Cloud App Security
    • TXOne StellarOne
    • Data Detection and Response
majorVirusType string true - The virus type
  Examples:
    • Virus
    • Suspicious Activity
    • Trojan
    • TROJ
  Products:
    • Trend Micro Deep Security
    • Trend Cloud One - Endpoint & Workload Security
    • Trend Vision One Mobile Security
    • TXOne EdgeOne
    • TXOne StellarOne
    • File Security Storage
malName string true - The name of the detected malware
  Examples:
    • SecurityLevelDrop
    • Regla Logs All
    • USR_SUSPICIOUS_DOMAIN.UMXX
  Products:
    • Trend Micro Apex One as a Service
    • Trend Cloud One - Endpoint & Workload Security
    • Trend Micro Deep Discovery Inspector
    • Network Sensor
    • Trend Micro Deep Security
    • Trend Micro Web Security
    • TXOne StellarOne
    • Email Sensor
    • File Security
    • File Security Storage
    • Agentless Vulnerability & Threat Detection
    • Trend Vision One Container Security
parentFileHashSha256 string true FileSHA2 The SHA-256 of the subject parent process
  Examples:
    • 14A1223722D486ABBC88682AB49AF8E56DC65AC4E153027985BFFFF7C815C0EC
    • 2EF51284CA9211ADEC3E8E095F386FEC742E0532075894AE99024C65949F935E
    • F3FEB95E7BCFB0766A694D93FCA29EDA7E2CA977C2395B4BE75242814EB6D881
  Products:
    • Endpoint Sensor
    • TXOne StellarOne
quarantineFileName string true - The file path of the quarantined object
  Examples:
    • C:\Program Files\TXOne\StellarProtect\private\quarantine\00000000-0000-0000-0000-000000000000
  Products:
    • TXOne StellarOne
techniqueId dynamic true Technique Technique ID detected by the product agent based on a detection rule
  Examples: -
  Products:
    • TXOne StellarOne
    • Trend Micro Deep Discovery Inspector
    • Network Sensor


Generated by XDR Common Schema Public Doc Generator V2