Alarm and event table structure of the alienvault database

2025-03-28 Update From: SLTechnology News&Howtos

Shulou(Shulou.com)06/01 Report--

As an OSSIM database developer, you need to understand the structure of the following alarm and event tables in the alienvault database.

1. alarm

| Field | Type | Allow Null | Default Value |
|---|---|---|---|
| backlog_id | binary(16) | No | |
| event_id | binary(16) | No | |
| corr_engine_ctx | binary(16) | No | |
| timestamp | timestamp | Yes | |
| status | enum('open','closed') | Yes | 'open' |
| plugin_id | int(11) | No | |
| plugin_sid | int(11) | No | |
| protocol | int(11) | Yes | |
| src_ip | varbinary(16) | Yes | |
| dst_ip | varbinary(16) | Yes | |
| src_port | int(11) | Yes | |
| dst_port | int(11) | Yes | |
| risk | int(11) | Yes | |
| efr | int(11) | No | 0 |
| similar | varchar(40) | No | '0000000000000000000000000000000000000000' |
| stats | mediumtext | No | |
| removable | tinyint(1) | No | 0 |
| in_file | tinyint(1) | No | 0 |

2. alarm_groups

| Field | Type | Allow Null | Default Value |
|---|---|---|---|
| group_id | varchar(255) | No | |
| description | text | No | |
| status | enum('open','closed') | No | |
| timestamp | timestamp | No | CURRENT_TIMESTAMP |
| owner | varchar(64) | No | |

3. alarm_hosts

| Field | Type | Allow Null | Default Value |
|---|---|---|---|
| id_alarm | binary(16) | No | |
| id_host | binary(16) | No | |

4. alarm_kingdoms

| Field | Type | Allow Null | Default Value |
|---|---|---|---|
| id | int(11) | No | |
| name | varchar(128) | No | |

5. alarm_nets

| Field | Type | Allow Null | Default Value |
|---|---|---|---|
| id_alarm | binary(16) | No | |
| id_net | binary(16) | No | |

6. alarm_tags

| Field | Type | Allow Null | Default Value |
|---|---|---|---|
| id_alarm | binary(16) | No | |
| id_tag | int(11) | No | |

alarm_taxonomy

| Field | Type | Allow Null | Default Value |
|---|---|---|---|
| sid | int(11) | No | |
| engine_id | binary(16) | No | '\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0' |
| kingdom | int(11) | No | |
| category | int(11) | No | |
| subcategory | text | No | |

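7. databases

| Field | Type | Allow Null | Default Value |
|---|---|---|---|
| id | int(10) UNSIGNED | No | |
| ctx | binary(16) | No | |
| name | varchar(64) | No | |
| ip | varbinary(16) | No | |
| port | int(11) | No | 3306 |
| user | varchar(64) | No | |
| pass | varchar(64) | No | |
| icon | mediumblob | No | |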

8. device_types

| Field | Type | Allow Null | Default Value |
|---|---|---|---|
| id | int(11) | No | |
| name | varchar(64) | No | |
| class | int(11) | No | |

9. event

| Field | Type | Allow Null | Default Value |
|---|---|---|---|
| id | binary(16) | No | |
| agent_ctx | binary(16) | No | |
| timestamp | timestamp | No | CURRENT_TIMESTAMP |
| tzone | float | No | 0 |
| sensor_id | binary(16) | Yes | |
| interface | varchar(32) | No | |
| type | int(11) | No | |
| plugin_id | int(11) | No | |
| plugin_sid | int(11) | No | |
| protocol | int(11) | Yes | |
| src_ip | varbinary(16) | Yes | |
| dst_ip | varbinary(16) | Yes | |
| src_port | int(11) | Yes | |
| dst_port | int(11) | Yes | |
| event_condition | int(11) | Yes | |
| value | text | Yes | |
| time_interval | int(11) | Yes | |
| absolute | tinyint(4) | Yes | |
| priority | int(11) | Yes | 1 |
| reliability | int(11) | Yes | 1 |
| asset_src | int(11) | Yes | 1 |
| asset_dst | int(11) | Yes | 1 |
| risk_a | int(11) | Yes | 0 |
| risk_c | int(11) | Yes | 0 |
| alarm | tinyint(4) | Yes | 0 |
| filename | varchar(256) | Yes | |
| username | varchar(64) | Yes | |
| password | varchar(64) | Yes | |
| userdata1 | varchar(1024) | Yes | |
| userdata2 | varchar(1024) | Yes | |
| userdata3 | varchar(1024) | Yes | |
| userdata4 | varchar(1024) | Yes | |
| userdata5 | varchar(1024) | Yes | |
| userdata6 | varchar(1024) | Yes | |
| userdata7 | varchar(1024) | Yes | |
| userdata8 | varchar(1024) | Yes | |
| userdata9 | varchar(1024) | Yes | |
| rulename | text | Yes | |
| rep_prio_src | int(10) UNSIGNED | Yes | |
| rep_prio_dst | int(10) UNSIGNED | Yes | |
| rep_rel_src | int(10) UNSIGNED | Yes | |
| rep_rel_dst | int(10) UNSIGNED | Yes | |
| rep_act_src | varchar(64) | Yes | |
| rep_act_dst | varchar(64) | Yes | |
| src_hostname | varchar(64) | Yes | |
| dst_hostname | varchar(64) | Yes | |
| src_mac | binary(6) | Yes | |
| dst_mac | binary(6) | Yes | |
| src_host | binary(16) | Yes | |
| dst_host | binary(16) | Yes | |
| src_net | binary(16) | Yes | |
| dst_net | binary(16) | Yes | |
| refs | int(11) | Yes | |

10. extra_data

| Field | Type | Allow Null | Default Value |
|---|---|---|---|
| event_id | binary(16) | No | |
| data_payload | text | Yes | |
| binary_data | blob | Yes | |

11. host

| Field | Type | Allow Null | Default Value |
|---|---|---|---|
| id | binary(16) | No | |
| ctx | binary(16) | No | |
| hostname | varchar(128) | No | |
| fqdns | varchar(255) | No | |
| asset | smallint(6) | No | |
| threshold_c | int(11) | No | |
| threshold_a | int(11) | No | |
| alert | int(11) | No | |
| persistence | int(11) | No | |
| nat | varchar(15) | Yes | |
| rrd_profile | varchar(64) | Yes | |
| descr | varchar(255) | Yes | |
| lat | varchar(255) | Yes | '0' |
| lon | varchar(255) | Yes | '0' |
| icon | mediumblob | Yes | |
| country | varchar(64) | Yes | |
| external_host | tinyint(1) | No | 0 |
| permissions | binary(8) | No | '\0\0\0\0\0\0\0\0\0' |
| av_component | tinyint(1) | No | 0 |
| created | datetime | Yes | |
| updated | datetime | Yes | |

12. incident

| Field | Type | Allow Null | Default Value |
|---|---|---|---|
| id | int(11) | No | |
| uuid | binary(16) | No | |
| ctx | binary(16) | No | |
| title | varchar(512) | No | |
| date | datetime | No | 0000-00-00 00:00:00 |
| ref | enum('Alarm','Alert','Event','Metric','Anomaly','Vulnerability','Custom') | No | 'Alarm' |
| type_id | varchar(64) | No | '0' |
| priority | int(11) | No | |
| status | enum('Open','Assigned','Studying','Waiting','Testing','Closed') | No | 'Open' |
| last_update | datetime | No | 0000-00-00 00:00:00 |
| in_charge | varchar(64) | No | |
| submitter | varchar(64) | No | |
| event_start | datetime | No | 0000-00-00 00:00:00 |
| event_end | datetime | No | 0000-00-00 00:00:00 |

13. incident_alarm

| Field | Type | Allow Null | Default Value |
|---|---|---|---|
| id | int(11) | No | |
| incident_id | int(11) | No | |
| src_ips | varchar(255) | No | |
| src_ports | varchar(255) | No | |
| dst_ips | varchar(255) | No | |
| dst_ports | varchar(255) | No | |
| backlog_id | binary(16) | No | |
| event_id | binary(16) | No | |
| alarm_group_id | binary(16) | Yes | |

14. incident_anomaly

| Field | Type | Allow Null | Default Value |
|---|---|---|---|
| id | int(11) | No | |
| incident_id | int(11) | No | |
| anom_type | enum('mac','service','os') | No | 'mac' |
| ip | varchar(255) | No | |
| data_orig | varchar(255) | No | |
| data_new | varchar(255) | No | |

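15. plugin_sid

| Field | Type | Allow Null | Default Value |
|---|---|---|---|
| plugin_ctx | binary(16) | No | |
| plugin_id | int(11) | No | |
| sid | int(11) | No | |
| class_id | int(11) | Yes | |
| reliability | int(11) | Yes | 1 |
| priority | int(11) | Yes | 1 |
| name | varchar | | |
| aro | decimal(11,4) | No | 0.0000 |
| subcategory_id | int(11) | Yes | |
| category_id | int(11) | Yes | |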

Usually there is an online (production) OSSIM system and a separate development system. When the development system has to be brought online, its database structure is slightly different from the online one, so we need to find the differences in table structure between the two databases. We do this with a combination of the mysqldump and diff commands.

Export the table structure (the -d option dumps the schema only, without row data). Run the command once on each system, writing db1.sql on one and db2.sql on the other:

mysqldump -uroot -p -d alienvault > /home/db1.sql

mysqldump -uroot -p -d alienvault > /home/db2.sql

Compare (with both dump files in the current directory):

diff db1.sql db2.sql > diff
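
A raw diff of two mysqldump -d outputs also reports lines that change without any schema change, such as the dump time and AUTO_INCREMENT counters. The script below is an added example, not part of the original article: it filters those lines out and prints only the names of the tables whose definition really differs. The function names, the sample dumps and the `note` column are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original article. Sample dumps are constructed.

# Drop what differs between any two dumps regardless of schema ("--" comments
# with host and dump time, /*! */ session statements, DROP TABLE lines, the
# AUTO_INCREMENT counter), then prefix every line with its table name.
normalize_dump() {
    sed -e '/^--/d' -e '/^\/\*!/d' -e '/^DROP TABLE/d' -e '/^$/d' \
        -e 's/ AUTO_INCREMENT=[0-9]*//' "$1" |
    awk '/^CREATE TABLE/ { t = $3; gsub(/`/, "", t) }
         t != "" { print t "\t" $0 }'
}

# Print each table whose definition differs or that exists in one dump only.
changed_tables() {
    tmp=$(mktemp -d) || return 1
    normalize_dump "$1" > "$tmp/a"
    normalize_dump "$2" > "$tmp/b"
    { diff "$tmp/a" "$tmp/b" || true; } |
        awk -F'\t' '/^[<>] / { print substr($1, 3) }' | sort -u
    rm -rf "$tmp"
}

# Constructed samples: db2 gets a hypothetical `note` column in alarm_tags;
# alarm_kingdoms differs only in its AUTO_INCREMENT counter and dump time.
write_samples() {
    cat > "$1/db1.sql" <<'EOF'
-- Dump completed on 2025-01-01 10:00:00
DROP TABLE IF EXISTS `alarm_kingdoms`;
CREATE TABLE `alarm_kingdoms` (
  `id` int(11) NOT NULL AUTO_INCREMENT,
  `name` varchar(128) NOT NULL,
  PRIMARY KEY (`id`)
) ENGINE=InnoDB AUTO_INCREMENT=5 DEFAULT CHARSET=utf8;
DROP TABLE IF EXISTS `alarm_tags`;
CREATE TABLE `alarm_tags` (
  `id_alarm` binary(16) NOT NULL,
  `id_tag` int(11) NOT NULL
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
EOF
    sed -e 's/10:00:00/11:30:00/' -e 's/AUTO_INCREMENT=5/AUTO_INCREMENT=9/' \
        -e 's/`id_tag` int(11) NOT NULL/&,\
  `note` varchar(64) DEFAULT NULL/' "$1/db1.sql" > "$1/db2.sql"
}

dir=$(mktemp -d) && write_samples "$dir"
changed_tables "$dir/db1.sql" "$dir/db2.sql"
```

For real use, pass the two files produced by the mysqldump commands above instead of the generated samples.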
