Skip to main content
Skip table of contents

V 2.0 : Cylance Protect : Device Control Events

Vendor Documentation


Rule Name

Rule Type

Common Event

V 2.0 : Cylance Protect : Device Control EventsProductionGeneral Antivirus InformationInformation
V 2.0 : Cylance Protect : Device BlockedProductionStorage Device DetectedActivity
V 2.0 : Cylance Protect : Device AllowedProductionThreat BlockedFailed Activity

Mapping with LogRhythm Schema

Device Key in Log MessageLogRhythm SchemaData TypeSchema Description
N/AN/AN/ADevice Product
Device Name<dname>Text/StringThe name of the device associated with the Device Control event.
Event Type<vmid>Text/String
Event Name <action>, <tag1>Text/String
Possible values: Block, Fullaccess.
External Device Type<object>Text/String
Possible values: AndroidUSB, iOS, StillImage, USBCDDVDRW, USBDrive, VMWareMount, WPD.
External Device Name<objectname>Text/String
The name given to the external device.
External Device Product IDN/AN/AVaries by manufacturer.
External Device Serial Number<serialnumber>NumberVaries by manufacturer.
External Device Vendor IDN/AN/AVaries by manufacturer.
Zone NamesN/AN/AThe zones to which the device belongs.
JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.