Field Name |
Description |
---|---|
event_protocol |
The name of the protocol or id of the protocol expressed in the event information. |
event_logname |
The name of the log expressed in the event information. |
event_euuid |
The unique identifier for this instance of the action expressed in the event information. |
event_count |
The count (integer) of times this event has occurred within the duration expressed in the event_duration field. |
event_summarized |
A flag (T/F) specifying whether the expressed event information has been summarized. |
event_duration |
The duration of time passed since the value expressed in the event_time_gmt field. |
event_time_gmt |
The date and time expressed in the event information. For summarized events this field contains the “start time” expressed in the event information. This field should be expressed in GMT time. |
event_timezone |
The time zone of the information expressed in the event. |
event_sequence |
The name of the sequence that was initiated which caused the action expressed in the event_action field to occur. This is the second tier of grouping available in CEG. |
event_trend |
The data that will be trended in future or currently-used graphs. |
event_action |
The name of the action that is expressed in the event information. This is the fourth tier of normalization available in the CEG. |
event_id |
The native identification number for the expressed event information. This field is normally provided by the vendor. |
event_category |
The name of the category of event that is expressed in the event information. This is the second tier of normalization available in the CEG. |
event_class |
The name of the class of event that is expressed in the event information. The choices available for the class of event information is determined by the category of event expressed. This is the third tier of normalization available in the CEG. |
ideal_model |
The name of the technology class that expressed the event information. This is the first tier of normalization available in the CEG. |
event_severity |
An integer representing a severity for the event as normalized by CA. |
Copyright © 2013 CA.
All rights reserved.
|
|