Metadata Dictionary Subset

Stellar Cyber monitors your network to collect and respond to data reported from multiple sources such as network packets, endpoint telemetry, cloud logs, and threat intelligence feeds. Each type of data is handled differently before being populated into a standardized set of fields referred to as metadata. Where applicable, and based on your configuration and the type of content, the data may be de-duplicated, normalized, and enriched as it passes through sensors and the data processor, on its way to becoming part of an Interflow record.

The following tables list the metadata dictionary field names in the Stellar Cyber Interflow record, their description, and data type.

You can use these fields as part of your searches or queries that you build, along with vendor specific fields and values.

Alerts

Traffic

Vulnerabilities

Assets

Users