endpoint-activity
March 22, 2023 · View on GitHub
Description
A generic activity took place in an endpoint (catch all)
Parameters
| Parameter | Value |
|---|---|
| Subject | endpoint |
| Activity | activity |
| Activity Type | endpoint-activity |
| Pretty Name | Endpoint Activity |
Fields
The possible fields for this activity type will vary depending on whether the activity was a success or a fail.
endpoint-activity:success
| Field | Core | Detection | Informational |
|---|---|---|---|
| operation | ✓ |
endpoint-activity:fail
| Field | Core | Detection | Informational |
|---|---|---|---|
| failure_code | ✓ | ||
| failure_reason | ✓ | ||
| operation | ✓ |