Red Canary help

Telemetry: Fields

Updated January 19, 2023 22:15.

Network Telemetry Fields

The following fields are collected for network telemetry:

Field	Field
timestamp	local_ip
local_port	local_type
remote_ip	report_port
remote_type	direction
protocol	domain

Process Telemetry Fields

The following fields are collected for process telemetry:

Field	Field
timestamp	host_name
user_uid	user_name
user_domain	user_username
login_user_uid	login_user_name
login_user_domain	process_md5
process_sha256	process_pid
process_name	process_path
process_command_line	parent_process_timestamp
parent_process_pid	parent_process_name
parent_process_path	parent_process_md5
parent_process_sha256

Comments

0 comments

Please sign in to leave a comment.