Skip to main content
Skip table of contents

Network Connection Ingress Event

Vendor Documentation

https://www.carbonblack.com/products/endpoint-detection-and-response/

Classification

Rule Name

Rule Type

Common Event

Classification
Network Connection Ingress EventBase RuleGeneral Connection MessagesNetwork Traffic
Network Connection Event : InboundSub RuleGeneral Network TrafficNetwork Traffic
Network Connection Event : OutboundSub RuleGeneral Network TrafficNetwork Traffic

Mapping with LogRhythm Schema

Device Key in Log MessageLogRhythm SchemaData Type
vmid<vmid>Text/String
direction<tag1>Text/String
domain<url>Text/String
dst<dip>IP Address
dstport<dport>Number
md5

<objectname>

<hash>

Text/String
pid<processid>Number
process_path<process>Text/String
proto<protnum>Number/Text/String
src<sip>IP Address
srcport<sport>Number



JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close