The Events tab displays the threat intelligence events in the database of Threat Defender.
The table provides the following information:
|Updated At||The time the event was last updated.|
|Name||The name of the event.|
|Tags||The number of tags assigned to the event. By mouseover you can see the tags in a tooltip.|
To see further details on an event, click in the last table column or double-click its row.
The details page displays the name of the event and the following details:
|Threat Level||The threat level assigned to the event in the database. There are four threat levels: high, medium, low and unknown.|
|Analysis||The status of the community analysis of the event.|
|Created||The date and time the event was created.|
|Updated||The date and time when the event was last updated in the threat intelligence database.|
|Tags||The tags assigned to the event in the database.|
The Related Events section displays a list of events linked to the current event. Click an entry to access its details page.
The Most Recent Logs table displays the most recently created incident log entries for the event. Click in the last table column of an entry to go its details page.
The External Analysis table displays any further external information on the event, such as external links, comments on the event and so on.
The Attributes table displays all attributes assigned to the event.
The table contains the following information:
|Updated At||The date and time when the attribute was last updated in the database.|
|Category||The category of the attribute.|
|Type||The type of the attribute.|
|Value||The value of the attribute. By mouseover you can see the full value in a tooltip.|
|Tags||The number of tags assigned to the attribute. By mouseover you can see the tags in a tooltip.|
|Indicator||The icon in this column indicates whether the attribute is an indicator of compromise or attack () or not ().|