Current Active Threat – Lists
Canary Lists
List ID | Type | List Name |
---|---|---|
-1000074 | General Value | CAT : Canary List : Hash Value |
-1000085 | Host | CAT : Canary List : IP Address (Host) |
-1000076 | General Value | CAT : Canary List : Process Name |
-1000077 | General Value | CAT : Canary List : Process Path |
-1000078 | General Value | CAT : Canary List : Registry Keys |
-1000080 | General Value | CAT : Canary List : Domain |
-1000086 | General Value | CAT : Canary List : UEBA - Event |
Metadata Field Lists
List ID | Type | List Name |
---|---|---|
-1000012 | Log Source Type | CAT : Metadata Field : Action |
-1000013 | Log Source Type | CAT : Metadata Field : Amount |
-1000014 | Log Source Type | CAT : Metadata Field : Command |
-1000081 | Log Source Type | CAT : Metadata Field : CVE |
-1000025 | Log Source Type | CAT : Metadata Field : Domain Impacted |
-1000026 | Log Source Type | CAT : Metadata Field : Domain Origin |
-1000028 | Log Source Type | CAT : Metadata Field : Group |
-1000029 | Log Source Type | CAT : Metadata Field : Hash |
-1000022 | Log Source Type | CAT : Metadata Field : Hostname Impacted |
-1000061 | Log Source Type | CAT : Metadata Field : Hostname Origin |
-1000015 | Log Source Type | CAT : Metadata Field : Interface Impacted |
-1000053 | Log Source Type | CAT : Metadata Field : Interface Origin |
-1000016 | Log Source Type | CAT : Metadata Field : IP Address Impacted |
-1000054 | Log Source Type | CAT : Metadata Field : IP Address Origin |
-1000017 | Log Source Type | CAT : Metadata Field : IP or Hostname Impacted |
-1000055 | Log Source Type | CAT : Metadata Field : IP or Hostname Origin |
-1000018 | Log Source Type | CAT : Metadata Field : IPv4 Impacted |
-1000056 | Log Source Type | CAT : Metadata Field : IPv4 Origin |
-1000019 | Log Source Type | CAT : Metadata Field : IPv6 Impacted |
-1000057 | Log Source Type | CAT : Metadata Field : IPv6 Origin |
-1000020 | Log Source Type | CAT : Metadata Field : IPv6e Impacted |
-1000058 | Log Source Type | CAT : Metadata Field : IPv6e Origin |
-1000021 | Log Source Type | CAT : Metadata Field : MAC Address Impacted |
-1000060 | Log Source Type | CAT : Metadata Field : MAC Address Origin |
-1000023 | Log Source Type | CAT : Metadata Field : NAT IP Address Impacted |
-1000062 | Log Source Type | CAT : Metadata Field : NAT IP Address Origin |
-1000024 | Log Source Type | CAT : Metadata Field : NAT Port Impacted |
-1000063 | Log Source Type | CAT : Metadata Field : NAT Port Origin |
-1000031 | Log Source Type | CAT : Metadata Field : Object |
-1000032 | Log Source Type | CAT : Metadata Field : Object Name |
-1000033 | Log Source Type | CAT : Metadata Field : Object Type |
-1000034 | Log Source Type | CAT : Metadata Field : Parent Process ID |
-1000035 | Log Source Type | CAT : Metadata Field : Parent Process Name |
-1000036 | Log Source Type | CAT : Metadata Field : Parent Process Path |
-1000037 | Log Source Type | CAT : Metadata Field : Policy |
-1000038 | Log Source Type | CAT : Metadata Field : Process ID |
-1000039 | Log Source Type | CAT : Metadata Field : Process Name |
-1000040 | Log Source Type | CAT : Metadata Field : Protocol Name |
-1000041 | Log Source Type | CAT : Metadata Field : Protocol Number |
-1000042 | Log Source Type | CAT : Metadata Field : Quality |
-1000043 | Log Source Type | CAT : Metadata Field : Rate |
-1000044 | Log Source Type | CAT : Metadata Field : Reason |
-1000045 | Log Source Type | CAT : Metadata Field : Recipient |
-1000046 | Log Source Type | CAT : Metadata Field : Response Code |
-1000047 | Log Source Type | CAT : Metadata Field : Result |
-1000048 | Log Source Type | CAT : Metadata Field : Sender |
-1000049 | Log Source Type | CAT : Metadata Field : Serial Number |
-1000050 | Log Source Type | CAT : Metadata Field : Session |
-1000051 | Log Source Type | CAT : Metadata Field : Session Type |
-1000052 | Log Source Type | CAT : Metadata Field : Severity |
-1000059 | Log Source Type | CAT : Metadata Field : Size |
-1000065 | Log Source Type | CAT : Metadata Field : Status |
-1000066 | Log Source Type | CAT : Metadata Field : Subject |
-1000027 | Log Source Type | CAT : Metadata Field : TCP/UDP Port Impacted |
-1000064 | Log Source Type | CAT : Metadata Field : TCP/UDP Port Origin |
-1000067 | Log Source Type | CAT : Metadata Field : Threat ID |
-1000068 | Log Source Type | CAT : Metadata Field : Threat Name |
-1000069 | Log Source Type | CAT : Metadata Field : URL |
-1000030 | Log Source Type | CAT : Metadata Field : User Impacted |
-1000011 | Log Source Type | CAT : Metadata Field : User Origin |
-1000070 | Log Source Type | CAT : Metadata Field : User-Agent |
-1000071 | Log Source Type | CAT : Metadata Field : Vendor Message ID |
-1000073 | Log Source Type | CAT : Metadata Field : Vendor Info |
-1000072 | Log Source Type | CAT : Metadata Field : Version |