Skip to main content
Skip table of contents

EVID 40702 - Endpoint Task Started

Vendor Documentation

Classification

Rule Name

Rule Type

Classification

Common Event

EVID 40702 - Endpoint Task Started

Base Rule

Information

Scheduled Task Started

Mapping with LogRhythm Schema

Device Key in Log Message

LogRhythm Schema

Data Type

Schema Description

N/A

N/A

N/A

N/A

MachineName

N/A

N/A

Name of the system hosting the detecting product.

AgentGUID

N/A

N/A

Unique identifier of the agent that forwarded the event.

IPAddress

<dip>

IP Address

IP address of the system hosting the detecting product (if given in the event).

RawMACAddress

<dmac>

Text/String/Number

MAC address of the system hosting the detecting product.

AgentVersion

N/A

N/A

N/A

OSName

N/A

N/A

N/A

TimeZoneBias

N/A

N/A

N/A

TargetUserName

<account>
<domainimpacted>

Text/String

The threat source user name or email address.

ProductName

<vendorinfo>

Text/String

Name of the detecting managed product.

ProductVersion

<version>

Text/String/Number

Version number of the detecting product.

ProductFamily

N/A

N/A

N/A

Analyzer

N/A

N/A

N/A

EventID

<vmid>

Number

Unique identifier of the event class.

Severity

<severity>

Number

N/A

GMTTime

N/A

N/A

N/A

LocalTime

N/A

N/A

N/A

AnalyzerName

N/A

N/A

Name of the detecting managed product.

AnalyzerVersion

N/A

N/A

Version number of the detecting product.

ThreatActionTaken

<action>

Text/String

The action taken by the product in response to the threat.

ThreatCategory

<subject>

Text/String

Category of the event. Possible categories depend on the product.

ThreatName

<threatname>

Text/String

Name of the threat.

ThreatType

N/A

N/A

Class of the threat.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.