product = "NG Analytics"
There are no fields for this extension.
| Activity Type | Field | Status | Core | Detection | Informational |
|---|---|---|---|---|---|
| alert-trigger | rule_severity | ✓ | |||
| local_user_name | |||||
| rule | |||||
| rule_usecases | ✓ | ||||
| src_host | Legacy | ✓ | ✓ | ||
| url | |||||
| rule_id | |||||
| rule_type | |||||
| rule_reason | |||||
| dest_ip | Legacy | ✓ | ✓ | ||
| dest_host | Legacy | ✓ | |||
| rule_description | |||||
| mitre_labels | ✓ | ||||
| operation | |||||
| user | Legacy | ✓ | |||
| rule-trigger | rarity_raw_score | ✓ | |||
| rarity_percentile | ✓ | ||||
| field_value | ✓ | ||||
| rarity_score | ✓ |