Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Overview

Info

Agent Heart Beat logs are generated by Snare agents, and can be used to identify systems that are offline, or where the agent has been deactivated.

Agent heart beats are received by the Snare collection subsystem on port 6161 TCP or UDP.

Fields

Field

Description

DATE

Event date, in the format YYYY-MM-DD

TIME

Event time, in the format HH:MM:SS

SYSTEM

The source system

TABLE

AgentHeartBeat

AGENTTYPE

The type of agent reporting, for example: Windows, or Epilog

VERSION

The version of the agent

ACTION

INFO
WARNING
ERROR
HeartBeat
ServiceLog

STRINGS

Any extra content sent by the agent