GIM Category: alert
This category has been deprecated and is being replaced by the new detection category. This category will be removed in Illuminate 7.0.

network alert

Alerts detected related to network traffic, where two systems are communicating

| gim_event_type_code | gim_event_class | gim_event_category | gim_event_subcategory | gim_event_type | description |
|---|---|---|---|---|---|
| 170000 | alert | | alert.network alert | ids alert | Alert generated by an intrusion detection or prevention product |
| 170001 | alert | | alert.network alert | network alert | Alert generated by a product that monitors or manages network traffic |
| 170002 | alert | | alert.network alert | network dlp alert | Alert generated by a data loss detection/prevention product |

host alert

Alerts generated by a product that monitors host activity

| gim_event_type_code | gim_event_class | gim_event_category | gim_event_subcategory | gim_event_type | description |
|---|---|---|---|---|---|
| 171000 | alert | | alert.host alert | malware alert | Alert generated by a product that detects malicious software |
| 171001 | alert | | alert.host alert | host dlp alert | Alert generated by a product that scans a host for sensitive information |
| 171002 | alert | | alert.host alert | hips alert | Alert generated by a product that detects/prevents potentially malicious activity on a system |
| 171003 | alert | | alert.host alert | fim alert | Alert generated by a product that monitors file integrity |

default

alert messages

| gim_event_type_code | gim_event_class | gim_event_category | gim_event_subcategory | gim_event_type | description |
|---|---|---|---|---|---|
| 179999 | alert | | alert.default | alert message | Alert messages generated by an external source |
