HAWK.io Cloud Documentation
Index
A | B | C | D | G | H | I | L | N | O | P | R | S | T | U | V | W
A
action (string):
Alert:
alert_name (string):
AlertIndex:
alerts_type_name (string):
AlertType:
app (string):
audit_account_validation (boolean):
audit_group_change (boolean):
audit_log_change (boolean):
audit_login (boolean):
audit_logoff (boolean):
audit_object_access (boolean):
audit_policy_change (boolean):
audit_session_status (boolean):
audit_system_event (boolean):
audit_user_action (boolean):
audit_user_change (boolean):
B
bayesian_weight (float):
blocked (boolean):
C
class_name (string):
class_type (string):
compliance_asset (boolean):
correlation_username (string):
D
date_added (string):
Distinct Stream Counter (atomic_distinct_counter):
G
group_name (string):
H
hash (string):
health_service_ping (boolean):
hid (string):
HID:
Host Classification:
Host Lookup List (host_lookup):
Host Lookup List (Live Resource) (host_lookup_resource):
How?:
I
icmp_code (integer):
icmp_csum (integer):
icmp_id (integer):
icmp_seq (integer):
icmp_type (integer):
Ignore:
InfoMatch:
Inter-Column Comparison (column_comparison):
ip_csum (integer):
ip_dport (integer):
ip_dst (string):
ip_dst_geoip_cc2 (string):
ip_dst_geoip_city (string):
ip_dst_geoip_latitude (float):
ip_dst_geoip_longitude (float):
ip_dst_geoip_name (string):
ip_dst_geoip_reg (string):
ip_dst_host (string):
ip_flags (integer):
ip_hlen (integer):
ip_id (integer):
ip_off (integer):
ip_proto (integer):
ip_sport (integer):
ip_src (string):
ip_src_geoip_cc2 (string):
ip_src_geoip_city (string):
ip_src_geoip_latitude (float):
ip_src_geoip_longitude (float):
ip_src_geoip_name (string):
ip_src_geoip_reg (string):
ip_src_host (string):
ip_tos (integer):
ip_ttl (integer):
ip_ver (integer):
L
Lookup List (case insensitive) (list_lookup):
N
Naming Convention:
net_if_bytes (integer):
net_if_collisions (string):
net_if_id (string):
net_if_in_bytes (integer):
net_if_in_dropped (integer):
net_if_in_errors (integer):
net_if_in_packets (integer):
net_if_name (string):
net_if_out_bytes (integer):
net_if_out_dropped (integer):
net_if_out_errors (integer):
net_if_out_packets (integer):
net_if_packets (integer):
NotPayloadMatch:
O
os_type_name (string):
Overview:
P
packet (string):
payload (string):
Payload:
PayloadMatch:
PreRules:
priority (integer):
Priority:
R
RBLDNS Blacklist Lookup (rbldns):
RegexPal:
resource_addr (string):
resource_asset_criticality (integer):
resource_name (string):
Rule:
RuleDetails:
RuleGroup:
RuleKey:
RuleName:
RuleVersion:
S
SNMPRule:
Source:
Stream Counter (atomic_counter):
sys_cpu_id (string):
sys_cpu_load_idle (integer):
sys_cpu_load_sys (integer):
sys_cpu_load_total (integer):
sys_cpu_load_user (integer):
sys_cpu_load_wait (integer):
sys_mem_size_free (integer):
sys_mem_size_total (integer):
sys_uname (string):
sys_uptime (string):
sys_version (string):
T
target_username (string):
tcp_ack (integer):
tcp_csum (integer):
tcp_flags (integer):
tcp_off (integer):
tcp_res (integer):
tcp_seq (integer):
tcp_urp (integer):
tcp_win (integer):
Timestamp - Day of Week (time_dayofweek):
Timestamp - Hour and Minute (time_hourminute):
Triggers:
U
udp_csum (integer):
udp_len (integer):
V
vendor_id (string):
vfs_dev_id (string):
vfs_dev_read_ops (integer):
vfs_dev_read_sectors (integer):
vfs_dev_write_sectors (integer):
vfs_fs_id (string):
vfs_fs_size_free (integer):
vfs_fs_size_total (integer):
vm_mem_size_buffers (integer):
vm_mem_size_cached (integer):
vm_mem_size_free (integer):
vm_mem_size_total (integer):
Vulnerability Threshold Analysis (vuln_threshold):
W
weight (float):
What?:
When?:
Where?:
Who?:
Why?: