ALERT_EVIDENCE_V View

This view reports details about the evidence or observation details of individual events.
Each row contains event information as listed in the columns.

Column Name	Data Type	Description
START_TIME	Timestamp	The time and date when the hourly aggregation time period starts.
END_TIME	Timestamp	The time and date when the hourly aggregation time period ends.
EVENT_TYPE	Varchar	The event type.
SRC_EVENT	Object	The metadata of the source of the event.
SRC_TYPE	Variant	The source type associated with the event.
DST_EVENT	Object	The metadata of the destination of the event.
DST_TYPE	Variant	The destination type associated with the event.
EVENT_COUNT	Variant	The number of similar observations found in the same hourly aggregation time period.

This view reports details about the evidence or observation details of individual events.
Each row contains event information as listed in the columns.

Column Name	Data Type	Description
START_TIME	Timestamp	The time and date when the hourly aggregation time period starts.
END_TIME	Timestamp	The time and date when the hourly aggregation time period ends.
EVENT_TYPE	Varchar	The event type.
SRC_EVENT	Object	The metadata of the source of the event.
SRC_TYPE	Variant	The source type associated with the event.
DST_EVENT	Object	The metadata of the destination of the event.
DST_TYPE	Variant	The destination type associated with the event.
EVENT_COUNT	Variant	The number of similar observations found in the same hourly aggregation time period.

Administration Guide

ALERT_EVIDENCE_V View

ALERT_EVIDENCE_V View

ALERT_EVIDENCE_V View

ALERT_EVIDENCE_V View