tm-v1-schema

Trend Vision One Mobile Security

Layer: Others

This documentation provides detailed information about all fields available for Trend Vision One Mobile Security.

Field Name Type Searchable General Field Description Example Products
act dynamic true - The actions taken to mitigate the event
  • log
  • isolate
  • terminate
  • not blocked
  • Block
  • No action
  • Reset
  • Pass
  • User Decision
  • Trend Vision One Container Security
  • Trend Micro Deep Discovery Inspector
  • Network Sensor
  • Trend Micro Apex One as a Service
  • Trend Cloud One - Endpoint & Workload Security
  • Trend Micro Cloud App Security
  • TippingPoint Security Management System
  • Endpoint Sensor
  • Trend Micro Web Security
  • Trend Micro Email Security
  • Trend Micro Deep Security
  • Trend Cloud One - Network Security
  • Zero Trust Secure Access - Internet Access
  • TXOne EdgeOne
  • Zero Trust Secure Access - Private Access
  • Email Sensor
  • Trend Vision One Mobile Security
  • Mobile Network Security
  • Agentless Vulnerability & Threat Detection
actResult dynamic true - The result of an action
  • Dropped
  • Successful
  • Accepted
  • Trend Micro Apex One as a Service
  • Trend Micro Cloud App Security
  • Trend Cloud One - Endpoint & Workload Security
  • Trend Micro Deep Security
  • TXOne StellarOne
  • Trend Vision One Mobile Security
appDexSha256 string true FileSHA2 The app dex encoded using SHA-256 08736EDDD3682AC26D9FD42DA2A20B0BADB5C85A5456A0AE85B52D60C564F290 Trend Vision One Mobile Security
appIsSystem bool true - Whether the app is a system app False Trend Vision One Mobile Security
appIsSystem bool true - Whether the app is a system app False Trend Vision One Mobile Security
appLabel string true - App name Mobile Security Virus Test Application Trend Vision One Mobile Security
appLabel string true - The app name (if the subject is an app) Collection Nes Games Trend Vision One Mobile Security
appOrSystemEventHashId string true - The event object hash ID 3859886410 Trend Vision One Mobile Security
appPkgName string true - The app package name com.example.app_pkg_name_file Trend Vision One Mobile Security
appPkgName string true - The app package name (if the subject is an app) com.ConsolesXX.CollectionNesGames Trend Vision One Mobile Security
appPublicKeySha1 string true FileSHA1 The app public key (SHA-1) 72080A6B4EB11105B28E31C4753BC91414500AD4 Trend Vision One Mobile Security
appPublicKeySha1 string true FileSHA1 The SHA-1 hash of the app public key (if the subject is an app) 05FC638156219800DADAC48D8E621E0BCBD3C321 Trend Vision One Mobile Security
appSize string true - The app size (in bytes) 28461 Trend Vision One Mobile Security
appSize string true - The app size (in bytes) if the subject is an app 16906043 Trend Vision One Mobile Security
appVerCode int true - The app version code 1 Trend Vision One Mobile Security
appVerCode string true - The app version code (if the subject is an app) 0 Trend Vision One Mobile Security
detectionName string true - The general name for the detection
  • Troj.Win32.TRX.XXPE50F13017
  • Troj.Win32.TRX.XXPE50FFF059
  • Trend Micro Apex One as a Service
  • Trend Vision One Mobile Security
detectionType string true - The detection type
  • 1
  • File
  • Process
  • net
  • Trend Micro Deep Discovery Inspector
  • Network Sensor
  • Trend Cloud One - Endpoint & Workload Security
  • Trend Micro Web Security
  • Trend Micro Apex One as a Service
  • Trend Micro Cloud App Security
  • Trend Micro Deep Security
  • Trend Micro Email Security
  • Zero Trust Secure Access - Internet Access
  • Trend Vision One Mobile Security
  • Zero Trust Secure Access - Private Access
  • Trend Vision One Container Security
endpointGUID string true EndpointID The GUID of the agent which reported the detection
  • ae4d64aa-f8b8-bb36-b265-f59272ed342f
  • 8fb979f6-1376-bed3-227f-f2886e66194e
  • ca2b3a7e-8415-c571-cc19-e45f69470026
  • Trend Cloud One - Endpoint & Workload Security
  • Trend Micro Apex One as a Service
  • Trend Micro Deep Security
  • Endpoint Sensor
  • Zero Trust Secure Access - Internet Access
  • Trend Vision One Mobile Security
  • Zero Trust Secure Access - Private Access
  • TXOne StellarOne
  • Trend Vision One Container Security
  • Data Detection and Response
endpointGuid string true EndpointID Host GUID of the endpoint on which the event was detected 11111111-1111-1111-1111-111111111111 Trend Vision One Mobile Security
endpointHostName string true EndpointName The endpoint hostname or node where the event was detected
  • 10.10.10.10 (swpos-aws-aza02) [i-0f0f0f0f0f0f0f0f0]
  • ip-10-10-10-10.us-west-1.compute.internal
  • Trend Cloud One - Endpoint & Workload Security
  • Trend Micro Deep Security
  • Trend Micro Apex One as a Service
  • Endpoint Sensor
  • Zero Trust Secure Access - Internet Access
  • Trend Vision One Mobile Security
  • Zero Trust Secure Access - Private Access
  • TXOne StellarOne
  • Trend Vision One Container Security
  • Agentless Vulnerability & Threat Detection
  • Data Detection and Response
endpointHostName string true EndpointName The host name of the endpoint on which the event was detected
  • PHILIPSIBE09
  • WHAM6WK8XG2
  • MacBook-Pro-del-Meno
 Trend Vision One Mobile Security
endpointIp dynamic true
  • IPv4
  • IPv6
 IP address of the endpoint on which the event was detected
  • 10.10.10.10
  • ::1
  • fe80::1
 Trend Vision One Mobile Security
endpointModel string true - Mobile device model M2101K9G Trend Vision One Mobile Security
endpointModel string true - The endpoint device model Pixel 3 XL Trend Vision One Mobile Security
eventHashId string true - The event hash ID
  • -8406473586387535914
  • 138486453338666581
  • -7909265752378976284
 Trend Vision One Mobile Security
eventId string true - The event ID from the logs of each product
  • 100100
  • 100101
  • 100116
  • 100117
  • 100119
  • Trend Cloud One - Endpoint & Workload Security
  • Trend Micro Deep Discovery Inspector
  • Network Sensor
  • Trend Micro Apex One as a Service
  • Trend Micro Deep Security
  • Trend Micro Cloud App Security
  • Endpoint Sensor
  • Trend Micro Email Security
  • TXOne StellarOne
  • Trend Vision One Container Security
  • Email Sensor
  • File Security
  • File Security Storage
  • Agentless Vulnerability & Threat Detection
  • Trend Vision One Mobile Security
  • Mobile Network Security
  • Data Detection and Response
eventId int true - Event type - Trend Vision One Mobile Security
eventName string true - The event type
  • LOG_INSPECTION_EVENT
  • SECURITY_RISK_DETECTION
  • WEB_THREAT_DETECTION
  • LOG_INSPECTION_EVENT
  • MALWARE_DETECTION
  • PROCESS_ACTIVITY
  • WEB_POLICY_VIOLATION
  • DEEP_PACKET_INSPECTION_EVENT
  • INTEGRITY_MONITORING_EVENT
  • DISRUPTIVE_APPLICATION_DETECTION
  • PRODUCT_SUMMARY
  • PRODUCT_UPDATE
  • BEHAVIORAL_VIOLATION
  • FIREWALL_POLICY_VIOLATION
  • SUSPICIOUS_BEHAVIOUR_DETECTION
  • DENYLIST_CHANGE
  • MACHINE_LEARNING_DETECTION
  • DLP_VIOLATION
  • MALWARE_OUTBREAK_DETECTION
  • SENSITIVE_DATA_DETECTION
  • Trend Cloud One - Endpoint & Workload Security
  • Trend Micro Deep Discovery Inspector
  • Network Sensor
  • Trend Micro Apex One as a Service
  • Trend Micro Deep Security
  • TippingPoint Security Management System
  • Trend Micro Cloud App Security
  • Trend Micro Email Security
  • Endpoint Sensor
  • Trend Cloud One - Network Security
  • Zero Trust Secure Access - Internet Access
  • TXOne EdgeOne
  • Zero Trust Secure Access - Private Access
  • TXOne StellarOne
  • Email Sensor
  • File Security
  • File Security Storage
  • Agentless Vulnerability & Threat Detection
  • Trend Vision One Mobile Security
  • Mobile Network Security
  • Data Detection and Response
eventSubId int true - The access type
  • 2 - TELEMETRY_PROCESS_CREATE
  • 101 - TELEMETRY_FILE_CREATE
  • 204 - TELEMETRY_CONNECTION_CONNECT_OUTBOUND
 Trend Vision One Mobile Security
eventTime real true - The time the agent detected the event 1657781088000 Trend Vision One Mobile Security
extraInfo dynamic true - The extra information about the app
  • N/A
  • Web Client Common
  • DCERPC Services
 Trend Vision One Mobile Security
firstSeen string true - The time when the event started (in milliseconds) 1656355418449 Trend Vision One Mobile Security
lastSeen string true - The time when the event ended (in milliseconds) 1656355418449 Trend Vision One Mobile Security
logonUser dynamic true UserAccount The logon user name
  • root
  • SISTEMA
  • oracle
 Trend Vision One Mobile Security
mailbox string true - The mailbox that is protected by Trend Micro sample_email@trendmicro.com
  • Trend Micro Cloud App Security
  • Trend Micro Email Security
  • Trend Vision One Mobile Security
  • Email Sensor
majorVirusType string true - The virus type
  • Virus
  • Suspicious Activity
  • Trojan
  • TROJ
  • Trend Micro Deep Security
  • Trend Cloud One - Endpoint & Workload Security
  • Trend Vision One Mobile Security
  • TXOne EdgeOne
  • TXOne StellarOne
  • File Security Storage
marsAccount string true - The account for Trend Micro Mobile Apps Reputation Service XDRv1 Trend Vision One Mobile Security
minorVirusType string true - Minor virus type
  • RANSOMWARE
  • BANKER
  • CREDENTIAL
 Trend Vision One Mobile Security
objectAppBehavior string true - The activity that occurred on the app
  • GRANTED_CAMERA_PERMISSION
  • APP_NO_ICON
  • APP_HIDE_ICON
 Trend Vision One Mobile Security
objectAppBehaviorAttr string true - The attributes of the app activity android.intent.action.BOOT_COMPLETED Trend Vision One Mobile Security
objectAppDexSha256 string true FileSHA2 The SHA-256 hash of the app Dex value C23A87B77B06442FD9AF9A80DD87191EDEADFAB766C862EBC592FE18063D0449 Trend Vision One Mobile Security
objectAppInstalledTime string true - The time of app installation (in milliseconds) 1607935850 Trend Vision One Mobile Security
objectAppIsSystemApp bool true - Whether the app is a system app True Trend Vision One Mobile Security
objectAppLabel string true - The app name Collection Nes Games Trend Vision One Mobile Security
objectAppPackageName string true - The app package name com.ConsolesXX.CollectionNesGames Trend Vision One Mobile Security
objectAppPublicKeySha1 string true FileSHA1 The SHA-1 hash of the app public key 05FC638156219800DADAC48D8E621E0BCBD3C321 Trend Vision One Mobile Security
objectAppSha256 string true FileSHA2 The SHA-256 hash of the app 692BC8E6BC51807A24BEACC13ED2B68E1F954E152863430E3179FA812937B8B0 Trend Vision One Mobile Security
objectAppSize string true - The app size (in bytes) 16906043 Trend Vision One Mobile Security
objectAppVerCode string true - The app version code 0 Trend Vision One Mobile Security
objectAppVerName string true - The app version 1.0 Trend Vision One Mobile Security
objectCertAttr string true - The SHA-1 hash of the certificate public key 05FC638156219800DADAC48D8E621E0BCBD3C321 Trend Vision One Mobile Security
objectFileCreation string true - The time the target file was created (in milliseconds)
  • 1652131848000
  • 1577865600000
  • 1648279273000
 Trend Vision One Mobile Security
objectFileHashSha256 string true FileSHA2 The SHA256 hash of target process image or target file
  • 39109eef00821658893b45634fe2f4664f880da9242712df907f1327d4ceefb8
  • 49fa3e206abf6a1f4546417dbe09f3f06b38847866a4a66de75bd90f39cb6c1c
  • 0969321ad5a0923f0f03896ad2c10e49290515c44b721d773942a37f62a24893
 Trend Vision One Mobile Security
objectFileModifiedTime string true - The modification time of the target file (in milliseconds)
  • 1652131848000
  • 1577865600000
  • 1648279273000
 Trend Vision One Mobile Security
objectFilePath string true
  • FileFullPath
  • FileName
 The file path of the target process image or target file
  • /usr/bin/bash
  • /bin/bash
  • /opt/folder1/probes/system/processes/processes
 Trend Vision One Mobile Security
objectFileSize string true - The target file size
  • 0
  • 59456
  • 60
 Trend Vision One Mobile Security
objectFirstSeen string true - The time when the object first appeared (in milliseconds)
  • 1656458063638
  • 1656260547165
  • 0
 Trend Vision One Mobile Security
objectHashId string true - The event object hash ID
  • 8576474808125313522
  • -599270888483415002
  • 2177864258235728980
  • 2432229257
 Trend Vision One Mobile Security
objectLastSeen string true - The time when the object was last seen (in milliseconds)
  • 1656458354730
  • 1656260580722
  • 0
 Trend Vision One Mobile Security
objectSystemEventAttr string true - The system event attributes LOCK_SCREEN Trend Vision One Mobile Security
osName string true - The host OS name
  • Linux
  • windows 10.0.22000
  • windows 10.0.19044
  • windows 10.0.19043
  • Zero Trust Secure Access - Internet Access
  • Trend Vision One Mobile Security
  • Zero Trust Secure Access - Private Access
  • Data Detection and Response
  • Agentless Vulnerability & Threat Detection
osName string true - The host operating system name
  • Windows
  • Linux
  • macOS
 Trend Vision One Mobile Security
osVer string true - The OS version 11
  • Trend Vision One Mobile Security
  • Zero Trust Secure Access - Private Access
  • Data Detection and Response
osVer string true - The OS version
  • Amazon Linux 2
  • 10.0.19044
  • 10.0.19042
 Trend Vision One Mobile Security
pname string true - The internal product ID
  • Trend Micro Deep Security
  • Deep Discovery Inspector
  • Apex One
  • Trend Cloud One - Endpoint & Workload Security
  • Trend Micro Deep Discovery Inspector
  • Network Sensor
  • Trend Micro Apex One as a Service
  • Trend Micro Deep Security
  • Trend Micro Cloud App Security
  • Trend Micro Email Security
  • TippingPoint Security Management System
  • Endpoint Sensor
  • Trend Micro Web Security
  • Trend Cloud One - Network Security
  • Zero Trust Secure Access - Internet Access
  • Trend Vision One Mobile Security
  • Trend Vision One Container Security
  • Email Sensor
pname string true - Internal product ID (Deprecated, use productCode)
  • 2200
  • 751
  • 533
 Trend Vision One Mobile Security
pver string true - The product version
  • 20.0.0.4726
  • 20.0.0.4416
  • 6.2.1125
  • Trend Cloud One - Endpoint & Workload Security
  • Trend Micro Deep Discovery Inspector
  • Network Sensor
  • Trend Micro Deep Security
  • Trend Micro Apex One as a Service
  • TippingPoint Security Management System
  • Trend Cloud One - Network Security
  • Zero Trust Secure Access - Internet Access
  • Trend Vision One Mobile Security
  • Trend Vision One Container Security
  • File Security
  • File Security Storage
  • Agentless Vulnerability & Threat Detection
pver string true - The product version
  • 1.2.0.2752
  • 1.0.345
  • 1.2.0.2657
 Trend Vision One Mobile Security
request string true URL The notable URLs
  • http://example.page.com/canonical.html
  • http://10.10.10.10
  • https://drive.google.com/
  • Trend Micro Deep Discovery Inspector
  • Network Sensor
  • Trend Micro Apex One as a Service
  • TippingPoint Security Management System
  • Trend Cloud One - Endpoint & Workload Security
  • Zero Trust Secure Access - Internet Access
  • Trend Micro Cloud App Security
  • Trend Cloud One - Network Security
  • Trend Micro Email Security
  • Trend Micro Deep Security
  • Trend Vision One Mobile Security
  • Zero Trust Secure Access - Private Access
request string true URL Request URL
  • http://10.10.10.10/fake/site
  • http:///fake/param.cgi?action=list&group=Alarm.Status
  • http://fake.com/
 Trend Vision One Mobile Security
score int false - The Web Reputation Services URL rating
  • 71
  • 81
  • Trend Micro Deep Discovery Inspector
  • Network Sensor
  • Trend Micro Apex One as a Service
  • Trend Micro Cloud App Security
  • Trend Vision One Mobile Security
  • Trend Cloud One - Endpoint & Workload Security
srcFileCreation string true - The time when the source file was created (in milliseconds)
  • 1577865600000
  • 1626201752000
  • 1626201750000
 Trend Vision One Mobile Security
srcFileHashId string true - The source file hash ID
  • 1102079405020678318
  • -6926286289273504319
  • 8528955148329941480
 Trend Vision One Mobile Security
srcFileHashSha256 string true FileSHA2 The SHA256 hash of source file
  • 4eaa002225f4ea2dedcd19b7f1337d7c58ea7dd6d4571c12468dde95e6bcfdaf
  • e30508e2088bc16b2a84233ced64995f738deaef2366ac6c86b35c93bbcd9d80
  • 16b20a3ad485b4fbbe3028c7e743b226db21ea93cacc8b3d7d7d4a731bf02333
 Trend Vision One Mobile Security
srcFileModifiedTime string true - The time when the source file was modified (in milliseconds)
  • 1626201752000
  • 1626201750000
  • 1577865600000
 Trend Vision One Mobile Security
srcFilePath string true
  • FileFullPath
  • FileName
 The source file path
  • \\cnva-apps\megaclockprod\traveler\travelerprint.accdb
  • c:\program files\common files\microsoft shared\clicktorun\officesvcmgrschedule.xml
  • q:\a7_dbs\a4_pkg\a4_packaging.accde
 Trend Vision One Mobile Security
srcFileSize string true - The source file size
  • 0
  • 131072
  • 196608
 Trend Vision One Mobile Security
srcFirstSeen string true - The time when the source file first appeared (in milliseconds)
  • 0
  • 1656355418449
  • 1656714760440
 Trend Vision One Mobile Security
srcLastSeen string true - The time when the source file was last seen (in milliseconds)
  • 0
  • 1656355418449
  • 1656715147313
 Trend Vision One Mobile Security
systemEventAttr string true - The attributes of the system event (if the subject is a system event) usbdebugging Trend Vision One Mobile Security
urlCat dynamic true - The requested URL category
  • Untested
  • 158
  • Web Advertisement
  • Trend Micro Deep Discovery Inspector
  • Network Sensor
  • Trend Micro Web Security
  • Trend Micro Apex One as a Service
  • Zero Trust Secure Access - Internet Access
  • Trend Micro Cloud App Security
  • Trend Vision One Mobile Security
  • Trend Cloud One - Endpoint & Workload Security
userType string true - The user type
  • Microsoft Endpoint Manager
  • Azure Active Directory
  • VMware Workspace ONE UEM
 Trend Vision One Mobile Security

Field Statistics

Generated by XDR Common Schema Public Doc Generator V2

This site is open source. Improve this page.