Events

The Events tab displays the threat intelligence events in the database of Threat Defender.

The table provides the following information:

Field Description
Updated At The time the event was last updated.
Name The name of the event.
Tags The number of tags assigned to the event. By mouseover you can see the tags in a tooltip.

To see further details on an event, click in the last table column or double-click its row.

Event Details

The details page displays the name of the event and the following details:

Field Description
Threat Level The threat level assigned to the event in the database. There are four threat levels: high, medium, low and unknown.
Analysis The status of the community analysis of the event.
Created The date and time the event was created.
Updated The date and time when the event was last updated in the threat intelligence database.
Tags The tags assigned to the event in the database.

The Related Events section displays a list of events linked to the current event. Click an entry to access its details page.

The Most Recent Logs table displays the most recently created incident log entries for the event. Click in the last table column of an entry to go its details page.

The External Analysis table displays any further external information on the event, such as external links, comments on the event and so on.

The Attributes table displays all attributes assigned to the event.

The table contains the following information:

Field Description
Updated At The date and time when the attribute was last updated in the database.
Category The category of the attribute.
Type The type of the attribute.
Value The value of the attribute. By mouseover you can see the full value in a tooltip.
Tags The number of tags assigned to the attribute. By mouseover you can see the tags in a tooltip.
Indicator The icon in this column indicates whether the attribute is an indicator of compromise or attack () or not ().

results matching ""

    No results matching ""