Console
    Contact Us Start free

    AssetEdrEvent

    An EDR event associated with an asset as delivered to the UI. To convey EDR events internally within the server, use AssetRawEdrEvent instead.

    JSON representation 
     { 
 "eventTime" 
 : 
 string 
 , 
 "displayName" 
 : 
 string 
 , 
 "chip" 
 : 
 { 
 object (  Chip 
 
) 
 } 
 , 
 "filterProperties" 
 : 
 { 
 object (  FilterProperties 
 
) 
 } 
 , 
 "sidebarEntries" 
 : 
 [ 
 { 
 object (  SidebarEntry 
 
) 
 } 
 ] 
 , 
 "rawLogsToken" 
 : 
 string 
 , 
 "assetIndicator" 
 : 
 { 
 object (  AssetIndicator 
 
) 
 } 
 , 
 "fileNames" 
 : 
 [ 
 string 
 ] 
 }
    Fields
    eventTime

    string ( Timestamp format)

    Date/time of the event.

    Uses RFC 3339, where generated output will always be Z-normalized and use 0, 3, 6 or 9 fractional digits. Offsets other than "Z" are also accepted. Examples: "2014-10-02T15:01:23Z" , "2014-10-02T15:01:23.045123456Z" or "2014-10-02T15:01:23+05:30" .
    displayName

    string

    The canonical string to display for the event.
    chip

    object ( Chip )

    The chip to display.
    filterProperties

    object ( FilterProperties )

    A list of filter properties associated the event.
    sidebarEntries[]

    object ( SidebarEntry )

    All the sidebar entries.
    rawLogsToken

    string

    A token to request raw logs, this is opaque to the client. If empty, no raw logs can be requested.
    assetIndicator

    object ( AssetIndicator )

    AssetIndicator used for pivoting.
    fileNames[]

    string

    This field is only used for hash view timeline: it contains the file names associated with the queried file hash.
    Create a Mobile Website
    View Site in Mobile | Classic
    Share by: