Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Next »

Overview

Agent Heart Beat logs are generated by Snare agents, and can be used to identify systems that are offline, or where the agent has been deactivated.

Agent heart beats are received by the Snare collection subsystem on port 6161 TCP or UDP.

Fields

Field

Description

DATE

Event date, in the format YYYY-MM-DD

TIME

Event time, in the format HH:MM:SS

SYSTEM

The source system

TABLE

AgentHeartBeat

AGENTTYPE

The type of agent reporting, for example: Windows, or Epilog

VERSION

The version of the agent

ACTION

INFO
WARNING
ERROR
HeartBeat
ServiceLog

STRINGS

Any extra content sent by the agent

  • No labels