Console
    Contact Us Start free

    EnrichmentProvenance

    JSON representation 
     { 
 "nounType" 
 : 
 enum (  NounType 
 
) 
 , 
 "typeEnrichmentProvenances" 
 : 
 [ 
 { 
 object (  TypeEnrichmentProvenance 
 
) 
 } 
 ] 
 }
    Fields
    nounType

    enum ( NounType )

    typeEnrichmentProvenances[]

    object ( TypeEnrichmentProvenance )

    NounType

    Enums
    NOUN_TYPE_UNSPECIFIED
    PRINCIPAL
    SRC
    TARGET

    TypeEnrichmentProvenance

    JSON representation 
     { 
 "enrichmentType" 
 : 
 enum (  EnrichmentType 
 
) 
 , 
 "enrichmentSources" 
 : 
 [ 
 { 
 object (  EnrichmentSource 
 
) 
 } 
 ] 
 , 
 "fieldEnrichmentProvenances" 
 : 
 [ 
 { 
 object (  FieldEnrichmentProvenance 
 
) 
 } 
 ] 
 }
    Fields
    enrichmentType

    enum ( EnrichmentType )

    enrichmentSources[]

    object ( EnrichmentSource )

    fieldEnrichmentProvenances[]

    object ( FieldEnrichmentProvenance )

    EnrichmentType

    Enums
    ENRICHMENT_TYPE_UNSPECIFIED
    ASSET
    USER
    PROCESS
    VT_FILE_HASH
    GEOIP
    PARENT_PROCESS_FROM_CURRENT_PROCESS

    EnrichmentSource

    JSON representation 
     { 
 // Union field source 
can be only one of the following: 
 "logType" 
 : 
 enum (  LogType 
 
) 
 , 
 "noLogEnrichmentSource" 
 : 
 enum (  NoLogEnrichmentSource 
 
) 
 // End of list of possible types for union field source 
. 
 }
    Fields

    Union field source .

    source can be only one of the following:

    logType

    enum ( LogType )

    noLogEnrichmentSource

    enum ( NoLogEnrichmentSource )

    FieldEnrichmentProvenance

    JSON representation 
     { 
 "enrichingEvents" 
 : 
 [ 
 { 
 object (  EnrichingEvent 
 
) 
 } 
 ] 
 }
    Fields
    enrichingEvents[]

    object ( EnrichingEvent )

    EnrichingEvent

    JSON representation 
     { 
 "enrichingEventType" 
 : 
 enum (  EnrichingEventType 
 
) 
 , 
 "eventId" 
 : 
 string 
 }
    Fields
    enrichingEventType

    enum ( EnrichingEventType )

    eventId

    string ( bytes format)

    A base64-encoded string.

    EnrichingEventType

    Enums
    ENRICHING_EVENT_TYPE_UNSPECIFIED
    DHCP
    EDR_MAPPING
    ASSET_CONTEXT
    USER_CONTEXT
    FILE_CONTEXT
    EDR_PROCESS_LAUNCH
    EDR
    Create a Mobile Website
    View Site in Mobile | Classic
    Share by: