Index

Symbols

$CONFIG["ENABLE_REMEDY"]: $CONFIG["ENCRYPTION_KEY_PLAIN"]: $CONFIG["MAIL_FROM"]: $CONFIG["MONGO_HOST"]: $CONFIG["PASSWD"]: $CONFIG["REMEDY_PASSWORD"]: $CONFIG["REMEDY_REMOTE_URL"]: $CONFIG["REMEDY_SCHEMA"]: $CONFIG["REMEDY_USERNAME"]: $CONFIG["SITE_URL"]: $CONFIG["USER"]: $CONFIG['DSN']:

$CONFIG['DSN_SLAVES']: $CONFIG['ENABLE_MEMCACHED']: $CONFIG['MEMCACHED_HOSTS']: $CONFIG['MONGO_DB']: $CONFIG['MONGO_EVENTS']: $CONFIG['MONGO_EVENTS_DAILY']: $CONFIG['MONGO_TIMEOUT']: [API], [1], [2], [3], [4], [5] [ARCHIVE], [1] [MEMCACHE], [1] [MONGODB], [1] [MSGQ], [1] [SETTINGS], [1], [2], [3], [4], [5]

A

action (string):, [1] AggregationInterval:, [1] AggregationLimit:, [1] AggregationRule:, [1] AggregationTimeWindow:, [1] Alert: alert_name (string):, [1] AlertIndex: alerts_type_name (string):, [1] AlertType: app (string):, [1]

audit_account_validation (boolean):, [1] audit_group_change (boolean):, [1] audit_log_change (boolean):, [1] audit_login (boolean):, [1] audit_logoff (boolean):, [1] audit_object_access (boolean):, [1] audit_policy_change (boolean):, [1] audit_session_status (boolean):, [1] audit_system_event (boolean):, [1] audit_user_action (boolean):, [1] audit_user_change (boolean):, [1]

B

BalancerHost:, [1], [2], [3] bayesian_weight (float):, [1]

BindHost:, [1], [2], [3] BindPort:, [1] blocked (boolean):, [1]

C

CacheMapReplace:, [1] CacheStoreDb:, [1] class_name (string):, [1] class_type (string):, [1]

compliance_asset (boolean):, [1] CONFIGDB: CONFIGLIST: correlation_username (string):, [1]

D

database: date_added (string):, [1]

days: Distinct Stream Counter (atomic_distinct_counter):

E

ENABLE_MONGOS: ENABLE_MONGOS_KEYFILE:

EnableAggregation:, [1] EnableDNS:, [1] EventCacheTimeOut:, [1]

F

ForwardHost:, [1], [2], [3]

G

GeoIPFile:, [1]

Group:, [1], [2], [3], [4], [5], [6], [7], [8], [9], [10], [11], [12], [13], [14], [15], [16], [17] group_name (string):, [1]

H

hash (string):, [1] HAWKName, [1], [2], [3] HAWKUrl:, [1], [2], [3], [4], [5], [6], [7], [8], [9] health_service_ping (boolean):, [1] hid (string):, [1] HID: Host Classification:

Host Lookup List (host_lookup): Host Lookup List (Live Resource) (host_lookup_resource): host: http_proxy: HTTPCredentialSecret:, [1] HTTPProxy:, [1], [2] HTTPSSLVerifyHost:, [1], [2], [3], [4], [5], [6], [7], [8], [9] HTTPSSLVerifyPeer:, [1], [2], [3], [4], [5], [6], [7], [8], [9]

I

icmp_code (integer):, [1] icmp_csum (integer):, [1] icmp_id (integer):, [1] icmp_seq (integer):, [1] icmp_type (integer):, [1] Ignore: IndexDirectorPrimary:, [1] IndexDirectorSecondary:, [1] InfoMatch: Inter-Column Comparison (column_comparison): ip_csum (integer):, [1] ip_dport (integer):, [1] ip_dst (string):, [1] ip_dst_geoip_cc2 (string):, [1] ip_dst_geoip_city (string):, [1] ip_dst_geoip_latitude (float):, [1] ip_dst_geoip_longitude (float):, [1] ip_dst_geoip_name (string):, [1]

ip_dst_geoip_reg (string):, [1] ip_dst_host (string):, [1] ip_flags (integer):, [1] ip_hlen (integer):, [1] ip_id (integer):, [1] ip_off (integer):, [1] ip_proto (integer):, [1] ip_sport (integer):, [1] ip_src (string):, [1] ip_src_geoip_cc2 (string):, [1] ip_src_geoip_city (string):, [1] ip_src_geoip_latitude (float):, [1] ip_src_geoip_longitude (float):, [1] ip_src_geoip_name (string):, [1] ip_src_geoip_reg (string):, [1] ip_src_host (string):, [1] ip_tos (integer):, [1] ip_ttl (integer):, [1] ip_ver (integer):, [1]

L

LogDirectory:, [1] LogFile:, [1], [2], [3], [4], [5], [6], [7], [8], [9], [10], [11], [12], [13]

LogHost:, [1] LogSource:, [1], [2], [3], [4], [5], [6], [7], [8], [9], [10], [11], [12], [13] Lookup List (case insensitive) (list_lookup):

M

MemcacheConfig:, [1], [2], [3] memcached: Mode:, [1], [2], [3]

MONGO_GROUP: MONGO_USER: MONGOS_KEYFILE: MySQLHost:, [1]

N

Naming Convention: net_if_bytes (integer):, [1] net_if_collisions (string):, [1] net_if_id (string):, [1] net_if_in_bytes (integer):, [1] net_if_in_dropped (integer):, [1] net_if_in_errors (integer):, [1] net_if_in_packets (integer):, [1]

net_if_name (string):, [1] net_if_out_bytes (integer):, [1] net_if_out_dropped (integer):, [1] net_if_out_errors (integer):, [1] net_if_out_packets (integer):, [1] net_if_packets (integer):, [1] NormalizationThreadCount:, [1] NotPayloadMatch:

O

os_type_name (string):, [1]

Overview:

P

packet (string):, [1] password:, [1], [2], [3], [4] payload (string):, [1] Payload: PayloadMatch:

port: PreRules: primary_server: priority (integer):, [1] Priority:

Q

QueueThreadCount:, [1], [2], [3], [4], [5]

R

RBLDNS Blacklist Lookup (rbldns): RegexPal: resource_addr (string):, [1] resource_asset_criticality (integer):, [1] resource_name (string):, [1] ResourcePollTimeout:, [1]

ResourceThreadCount:, [1] Rule: RuleDetails: RuleGroup: RuleKey: RuleName: RuleVersion:

S

secondary_server: secret: secure: SendDelay:, [1], [2], [3] server:, [1], [2], [3], [4], [5], [6], [7] shard_name: ShardName: smtp_admins: smtp_from: smtp_server: SNMPRule: Source: ssh_port: ssl_cert:, [1] ssl_key:, [1] SSLCrt:, [1] SSLCsr:, [1]

SSLKey:, [1] SSLLease:, [1] SSLSecret:, [1] SSLSubject:, [1] storage_path:, [1], [2] storage_size:, [1] Stream Counter (atomic_counter): sys_cpu_id (string):, [1] sys_cpu_load_idle (integer):, [1] sys_cpu_load_sys (integer):, [1] sys_cpu_load_total (integer):, [1] sys_cpu_load_user (integer):, [1] sys_cpu_load_wait (integer):, [1] sys_mem_size_free (integer):, [1] sys_mem_size_total (integer):, [1] sys_uname (string):, [1] sys_uptime (string):, [1] sys_version (string):, [1]

T

target_username (string):, [1] tcp_ack (integer):, [1] tcp_csum (integer):, [1] tcp_flags (integer):, [1] tcp_off (integer):, [1] tcp_res (integer):, [1] tcp_seq (integer):, [1] tcp_urp (integer):, [1]

tcp_win (integer):, [1] Tier1ShardName:, [1] Tier1ShardURL:, [1] Tier2ShardName:, [1] Tier2ShardTable:, [1] Timestamp - Day of Week (time_dayofweek): Timestamp - Hour and Minute (time_hourminute): Triggers:

U

udp_csum (integer):, [1] udp_len (integer):, [1]

User:, [1], [2], [3], [4], [5], [6], [7], [8], [9], [10], [11], [12], [13], [14], [15], [16], [17] username:, [1], [2], [3], [4]

V

vendor_id (string):, [1] Verbosity:, [1], [2], [3], [4], [5], [6], [7], [8], [9], [10], [11], [12], [13], [14], [15], [16], [17] vfs_dev_id (string):, [1] vfs_dev_read_ops (integer):, [1] vfs_dev_read_sectors (integer):, [1] vfs_dev_write_sectors (integer):, [1] vfs_fs_id (string):, [1]

vfs_fs_size_free (integer):, [1] vfs_fs_size_total (integer):, [1] vm_mem_size_buffers (integer):, [1] vm_mem_size_cached (integer):, [1] vm_mem_size_free (integer):, [1] vm_mem_size_total (integer):, [1] Vulnerability Threshold Analysis (vuln_threshold):

W

weight (float):, [1]

WriteDiskTarget:, [1] WriteToDiskCompression:, [1]

Z

Zookeeper:, [1]