Versions Compared

Old Version 1

changes.mady.by.user Andrew Madge

Saved on

compared with

New Version Current

changes.mady.by.user Leigh Purdie (Unlicensed)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Overview

Info

Agent Heart Beat logs are generated by Snare agents, and can be used to identify systems that are offline, or where the agent has been deactivated.

Agent heart beats are received by the Snare collection subsystem on port 6161 TCP or UDP.

Sample Events

VM11WIN7TEST AgentHeartBeat 14/09/2017 16:07:43 Windows 5.0.0-RC2 HeartBeat Mark - License expired on 2017-Jun-09. Support expired on 2017-Jun-09. Extra

Fields

Field

Description

DATE

Event date, in the format YYYY-MM-DD

TIME

Event time, in the format HH:MM:SS

SYSTEM

The source system

TABLE

AgentHeartBeat

AGENTTYPE

The type of agent reporting, for example: Windows, or Epilog

VERSION

The version of the agent

ACTION

INFO
WARNING
ERROR
HeartBeat
ServiceLog

STRINGS

Any extra content sent by the agent, such as license information, and destination availability information.