Scope of transmitted data

Information that is transmitted for each alert is listed in the following table.

Scope of transmitted alert data

| Parameter | Value | Description |
|---|---|---|
| alertID | Integer value. | Alert ID. |
| eventTimeStamp | Date and time. | Event time. |
| detectTimestamp | Date and time. | Time when alert information was recorded in the Kaspersky Anti Targeted Attack Platform database. |
| importance | One of the following values: high; medium; low | Alert importance. |
| objectSource | One of the following values: web; mail; endpoint; external; dns | Source of the detected object. |
| technology | One of the following values: am – Anti-Malware Engine; sb – Sandbox; yara – YARA; url_reputation – URL Reputation; ids – Intrusion Detection System | Technology that was used to detect the object. |
| objectType | One of the following values: file; URL; host (for remote domains or hosts) | Type of detected object. |
| object | Depends on the type of detected object. | Data on the detected object. |
| detection | Depends on the technology that was used to detect the object. | Data on detected threats. |
| details | Depends on the source of detected object. | Data on the environment of detected objects. |
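A system that receives these alerts (for example, a SIEM ingestion step) can check each record against the parameters and allowed values in the table before storing or acting on it. The following is an added example, not Kaspersky code: it assumes the alert has already been decoded into a Python dict, and the names `validate_alert`, `ALLOWED`, `PRESENCE_ONLY` and `SAMPLE_ALERT` are hypothetical.

```python
# Added example: parameter names and allowed values come from the table above.
# The dict representation and all Python names here are assumptions.
ALLOWED = {
    "importance": {"high", "medium", "low"},
    "objectSource": {"web", "mail", "endpoint", "external", "dns"},
    "technology": {"am", "sb", "yara", "url_reputation", "ids"},
    "objectType": {"file", "URL", "host"},
}
# The table gives no fixed format for these parameters ("Date and time",
# "Depends on ..."), so only their presence is checked.
PRESENCE_ONLY = ("eventTimeStamp", "detectTimestamp", "object", "detection", "details")
KNOWN = {"alertID", *ALLOWED, *PRESENCE_ONLY}


def validate_alert(alert):
    """Return a list of problems found in one alert record (empty list means OK)."""
    if not isinstance(alert, dict):
        return ["alert is not a mapping"]
    problems = []
    alert_id = alert.get("alertID")
    # bool is a subclass of int in Python, so reject it explicitly.
    if not isinstance(alert_id, int) or isinstance(alert_id, bool):
        problems.append("alertID: expected integer, got %r" % (alert_id,))
    for field, allowed in ALLOWED.items():
        value = alert.get(field)
        if not isinstance(value, str) or value not in allowed:
            problems.append("%s: %r is not one of %s" % (field, value, sorted(allowed)))
    for field in PRESENCE_ONLY:
        if alert.get(field) in (None, ""):
            problems.append("%s: missing or empty" % field)
    # Policy choice of this example: parameters not listed in the table are
    # reported so a reviewer can see them instead of silently ingesting them.
    unknown = sorted(str(key) for key in alert if key not in KNOWN)
    if unknown:
        problems.append("unexpected fields: " + ", ".join(unknown))
    return problems


# Constructed sample record, not real product output; timestamps are placeholders.
SAMPLE_ALERT = {
    "alertID": 1, "eventTimeStamp": "<event time>", "detectTimestamp": "<detect time>",
    "importance": "high", "objectSource": "mail", "technology": "sb",
    "objectType": "file", "object": {"name": "sample"}, "detection": {"name": "sample"},
    "details": {"name": "sample"},
}

if __name__ == "__main__":
    print(validate_alert(SAMPLE_ALERT))
```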

In this section

Data on detected objects

Data on detected threats

Data on the environment of detected objects
