All Fields
Redflag
Ancestors
Type: List of Strings
Description: If the reference object has ancestor processes, this is a list of their names.
Field Name:
ancestors
Arguments
Type: List of Strings
Description: If referencing a process, the arguments of the process that generated the red flag.
Field Name:
args
Authenticated User Name
Type: String
Description: If referencing a process, the authenticated user name of the process that generated the red flag.
Field Name:
auser
Cluster Name
Type: String
Description: If red flag is associated with a cluster, or a node of a cluster, this is the name of the cluster.
Field Name:
cluster_name
Description
Type: String
Description: The reason the red flag was generated.
Field Name:
description
Effective User Name
Type: String
Description: If referencing a process, the effective user name of the process that generated the red flag.
Field Name:
euser
ID
Type: String
Description: The unique ID of the red flag.
Field Name:
id
Is Exception
Type: Boolean
Description: Is the red flag marked as an exception? If so, the red flag was generated by expected activity.
Field Name:
false_positive
Machine ID
Type: String
Description: The unique machine ID associated with the red flag. Generally begins with "mach:".
Field Name:
muid
Policy Name
Type: String
Description: If the red flag is associated with a Guardian policy, this is the name of the policy.
Field Name:
policy_name
Policy UID
Type: String
Description: If the red flag is associated with a Guardian policy, this is the unique ID of the policy.
Field Name:
policy_uid
Reference Object
Type: String
Description: The unique ID of the object that the red flag is associated with.
Field Name:
ref
Schema
Type: String
Description: The full schema string of the red flag.
Field Name:
schema
Severity
Type: String
Description: The security level of the red flag. One of: info, low, medium, high, critical.
Field Name:
severity
Spydertraces
Type: List of Strings
Description: The unique IDs of the spydertraces that this red flag is a part of.
Field Name:
traces
Uptime
Type: Number
Description: The uptime of the object referenced by the redflag.
Field Name:
uptime
Opsflag
Agent Type
Type: String
Description: The type of agent that generated an opsflag. Used with agent-related opsflags.
Field Name:
agent_type
Ancestors
Type: List of Strings
Description: If the reference object has ancestor processes, this is a list of their names.
Field Name:
ancestors
Arguments
Type: List of Strings
Description: If referencing a process, the arguments of the process that generated the ops flag.
Field Name:
args
Authenticated User Name
Type: String
Description: If referencing a process, the authenticated user name of the process that generated the ops flag.
Field Name:
auser
Cluster Name
Type: String
Description: The name of the cluster associated with an opsflag.
Field Name:
cluster_name
Description
Type: String
Description: The reason the ops flag was generated.
Field Name:
description
Effective User Name
Type: String
Description: If referencing a process, the effective user name of the process that generated the ops flag.
Field Name:
euser
False positive
Type: Boolean
Description: Is the opsflag a false positive?
Field Name:
false_positive
Hostname
Type: String
Description: The hostname of the machine associated with an opsflag.
Field Name:
hostname
Is Ephemeral
Type: Boolean
Description: Is the reference object ephemeral? Used with agent-related opsflags.
Field Name:
ephemeral
Machine ID
Type: String
Description: The unique machine ID associated with the ops flag. Generally begins with 'mach:'.
Field Name:
muid
Reference Object
Type: String
Description: The unique ID of the object that the ops flag is associated with.
Field Name:
ref
Schema
Type: String
Description: The full schema string of the ops flag.
Field Name:
schema
Severity
Type: String
Description: The alert level of the ops flag. One of: info, low, medium, high, critical.
Field Name:
severity
UID
Type: String
Description: The unique ID of the ops flag.
Field Name:
id
Uptime
Type: Number
Description: The uptime of the object referenced by the ops flag.
Field Name:
uptime
Spydertrace
Interactive Users
Type: List of Strings
Description: The list of interactive users associated with the spydertrace.
Field Name:
interactive_users
Is Interactive
Type: Boolean
Description: Is the spydertrace interactive? Interactive spydertraces are associated with interactive user processes.
Field Name:
interactive
Is Overtaken
Type: Boolean
Description: Has the spydertrace been overtaken by another spydertrace? It is best to set this to false because the overtaking trace contains all of the overtaken trace.
Field Name:
overtaken
Is Suppressed
Type: Boolean
Description: Is the spydertrace suppressed? Suppressed spydertraces are associated with expected activity.
Field Name:
suppressed
Machine UID
Type: String
Description: The unique machine ID associated with the spydertrace. Generally begins with "mach:".
Field Name:
muid
Name
Type: String
Description: The name of the spydertrace.
Field Name:
name
Non-Interactive Users
Type: List of Strings
Description: The list of non-interactive users associated with the spydertrace.
Field Name:
non_interactive_users
Root Process Name
Type: String
Description: Name of the root process of the spydertrace.
Field Name:
root_proc_name
Schema
Type: String
Description: The full schema string of the spydertrace.
Field Name:
schema
Score
Type: Integer
Description: A score ranking the severity of the spydertrace.
Field Name:
score
Status
Type: String
Description: Status of the spydertrace: closed or active.
Field Name:
status
Trigger
Type: String
Description: The unique ID for the object that triggered the spydertrace's creation.
Field Name:
trigger
Trigger Short Name
Type: String
Description: Short name for the object that triggered the spydertrace.
Field Name:
trigger_short_name
UID
Type: String
Description: The unique ID of the spydertrace.
Field Name:
id
Container
Cluster Name
Type: String
Description: The name of the kubernetes cluster the container is a part of
Field Name:
clustername
Cluster UID
Type: String
Description: The unique Spyderbat ID for the kubernetes cluster the container is a part of
Field Name:
cluster_uid
Container ID
Type: String
Description: The long identifier of the container as reported by the container runtime
Field Name:
container_id
Container Name
Type: String
Description: The name of the container as reported by the container runtime
Field Name:
container_name
Image
Type: String
Description: The fully qualified name of the image used to create the container
Field Name:
image
Image ID
Type: String
Description: The identifier of the image used to create the container
Field Name:
image_id
Machine UID
Type: String
Description: The unique spyderbat machine ID the container is running on
Field Name:
muid
Pod Labels
Type: Dictionary of Strings to Strings
Description: The kubernetes labels for the pod the container is a part of
Field Name:
pod_labels
Pod Name
Type: String
Description: The name of the kubernetes pod the container is a part of
Field Name:
pod_name
Pod Namespace
Type: String
Description: The namespace of the kubernetes pod the container is a part of
Field Name:
pod_namespace
Pod Namespace Labels
Type: Dictionary of Strings to Strings
Description: The labels for the namespace of the kubernetes pod the container is a part of
Field Name:
pod_namespace_labels
Pod UID
Type: String
Description: The unique Spyderbat ID for the kubernetes pod the container is a part of
Field Name:
pod_uid
Root process UID
Type: String
Description: The spyderbat ID of the root process running in the container
Field Name:
root_puid
Schema
Type: String
Description: The Spyderbat schema for the container model
Field Name:
schema
UID
Type: String
Description: The unique Spyderbat ID for the container
Field Name:
id
node_uid
Type: String
Field Name:
node_uid
Cluster
Name
Type: String
Description: The name assigned to the cluster at spyderbat provisioning time
Field Name:
name
Schema
Type: String
Description: The Spyderbat schema for the cluster model
Field Name:
schema
UID
Type: String
Description: The unique Spyderbat ID for the cluster
Field Name:
id
Node
Cluster Name
Type: String
Description: The name of the kubernetes cluster the node belongs to
Field Name:
cluster_name
Cluster UID
Type: String
Description: The unique Spyderbat ID for the kubernetes cluster the node belongs to
Field Name:
cluster_uid
Kubernetes uid
Type: String
Description: The kubernetes unique id for the node as reported in the metadata
Field Name:
metadata.uid
Labels
Type: Dictionary of Strings to Strings
Description: The kubernetes labels for the node as reported in the metadata
Field Name:
metadata.labels
Machine UID
Type: String
Description: The unique Spyderbat machine ID for the node
Field Name:
muid
Name
Type: String
Description: The kubernetes name for the node as reported in the metadata
Field Name:
metadata.name
Schema
Type: String
Description: The Spyderbat schema for the node model
Field Name:
schema
UID
Type: String
Description: The unique Spyderbat ID for this model
Field Name:
id
Deployment
Cluster Name
Type: String
Description: The name of the kubernetes cluster the deployment belongs to
Field Name:
cluster_name
Cluster UID
Type: String
Description: The unique Spyderbat id for the kubernetes cluster the deployment belongs to
Field Name:
cluster_uid
Kubernetes uid
Type: String
Description: The kubernetes unique id for the deployment as reported in the metadata
Field Name:
metadata.uid
Labels
Type: Dictionary of Strings to Strings
Description: The kubernetes labels for the deployment as reported in the metadata
Field Name:
metadata.labels
Name
Type: String
Description: The kubernetes name for the deployment as reported in the metadata
Field Name:
metadata.name
Namespace
Type: String
Description: The kubernetes namespace for the deployment as reported in the metadata
Field Name:
metadata.namespace
Schema
Type: String
Description: The Spyderbat schema for the deployment model
Field Name:
schema
UID
Type: String
Description: The unique Spyderbat ID for the deployment
Field Name:
id
Replicaset
Cluster Name
Type: String
Description: The name of the kubernetes cluster the replicaset belongs to
Field Name:
cluster_name
Cluster UID
Type: String
Description: The unique Spyderbat id for the kubernetes cluster the replicaset belongs to
Field Name:
cluster_uid
Deployment name
Type: String
Description: The name for the deployment the replicaset is owned by (if replicaset is owned by a deployment)
Field Name:
deployment_name
Deployment uid
Type: String
Description: The Spyderbat unique id for the deployment the replicaset is owned by (if replicaset is owned by a deployment)
Field Name:
deployment_uid
Kubernetes uid
Type: String
Description: The kubernetes unique id for the replicaset as reported in the metadata
Field Name:
metadata.uid
Labels
Type: Dictionary of Strings to Strings
Description: The kubernetes labels for the replicaset as reported in the metadata
Field Name:
metadata.labels
Name
Type: String
Description: The kubernetes name for the replicaset as reported in the metadata
Field Name:
metadata.name
Namespace
Type: String
Description: The kubernetes namespace for the replicaset as reported in the metadata
Field Name:
metadata.namespace
Schema
Type: String
Description: The Spyderbat schema for the replicaset model
Field Name:
schema
UID
Type: String
Description: The unique Spyderbat ID for the replicaset
Field Name:
id
Daemonset
Cluster Name
Type: String
Description: The name of the kubernetes cluster the daemonset belongs to
Field Name:
cluster_name
Cluster UID
Type: String
Description: The unique Spyderbat id for the kubernetes cluster the daemonset belongs to
Field Name:
cluster_uid
Kubernetes uid
Type: String
Description: The kubernetes unique id for the daemonset as reported in the metadata
Field Name:
metadata.uid
Labels
Type: Dictionary of Strings to Strings
Description: The kubernetes labels for the daemonset as reported in the metadata
Field Name:
metadata.labels
Name
Type: String
Description: The kubernetes name for the daemonset as reported in the metadata
Field Name:
metadata.name
Namespace
Type: String
Description: The kubernetes namespace for the daemonset as reported in the metadata
Field Name:
metadata.namespace
Schema
Type: String
Description: The Spyderbat schema for the daemonset model
Field Name:
schema
UID
Type: String
Description: The unique Spyderbat ID for the daemonset
Field Name:
id
Job
Cluster Name
Type: String
Description: The name of the kubernetes cluster the job belongs to
Field Name:
cluster_name
Cluster UID
Type: String
Description: The unique Spyderbat id for the kubernetes cluster the job belongs to
Field Name:
cluster_uid
Kubernetes uid
Type: String
Description: The kubernetes unique id for the job as reported in the metadata
Field Name:
metadata.uid
Labels
Type: Dictionary of Strings to Strings
Description: The kubernetes labels for the job as reported in the metadata
Field Name:
metadata.labels
Name
Type: String
Description: The kubernetes name for the job as reported in the metadata
Field Name:
metadata.name
Namespace
Type: String
Description: The kubernetes namespace for the job as reported in the metadata
Field Name:
metadata.namespace
Schema
Type: String
Description: The Spyderbat schema for the job model
Field Name:
schema
UID
Type: String
Description: The unique Spyderbat ID for the job
Field Name:
id
Cronjob
Cluster Name
Type: String
Description: The name of the kubernetes cluster the cronjob belongs to
Field Name:
cluster_name
Cluster UID
Type: String
Description: The unique Spyderbat id for the kubernetes cluster the cronjob belongs to
Field Name:
cluster_uid
Kubernetes uid
Type: String
Description: The kubernetes unique id for the cronjob as reported in the metadata
Field Name:
metadata.uid
Labels
Type: Dictionary of Strings to Strings
Description: The kubernetes labels for the cronjob as reported in the metadata
Field Name:
metadata.labels
Name
Type: String
Description: The kubernetes name for the cronjob as reported in the metadata
Field Name:
metadata.name
Namespace
Type: String
Description: The kubernetes namespace for the cronjob as reported in the metadata
Field Name:
metadata.namespace
Schema
Type: String
Description: The Spyderbat schema for the cronjob model
Field Name:
schema
UID
Type: String
Description: The unique Spyderbat ID for the cronjob
Field Name:
id
Statefulset
Cluster Name
Type: String
Description: The name of the kubernetes cluster the statefulset belongs to
Field Name:
cluster_name
Cluster UID
Type: String
Description: The unique Spyderbat id for the kubernetes cluster the statefulset belongs to
Field Name:
cluster_uid
Kubernetes uid
Type: String
Description: The kubernetes unique id for the statefulset as reported in the metadata
Field Name:
metadata.uid
Labels
Type: Dictionary of Strings to Strings
Description: The kubernetes labels for the statefulset as reported in the metadata
Field Name:
metadata.labels
Name
Type: String
Description: The kubernetes name for the statefulset as reported in the metadata
Field Name:
metadata.name
Namespace
Type: String
Description: The kubernetes namespace for the statefulset as reported in the metadata
Field Name:
metadata.namespace
Schema
Type: String
Description: The Spyderbat schema for the statefulset model
Field Name:
schema
UID
Type: String
Description: The unique Spyderbat ID for the statefulset
Field Name:
id
Service
Cluster Name
Type: String
Description: The name of the kubernetes cluster the service belongs to
Field Name:
cluster_name
Cluster UID
Type: String
Description: The unique Spyderbat id for the kubernetes cluster the service belongs to
Field Name:
cluster_uid
Kubernetes uid
Type: String
Description: The kubernetes unique id for the service as reported in the metadata
Field Name:
metadata.uid
Labels
Type: Dictionary of Strings to Strings
Description: The kubernetes labels for the service as reported in the metadata
Field Name:
metadata.labels
Name
Type: String
Description: The kubernetes name for the service as reported in the metadata
Field Name:
metadata.name
Namespace
Type: String
Description: The kubernetes namespace for the service as reported in the metadata
Field Name:
metadata.namespace
Schema
Type: String
Description: The Spyderbat schema for the service model
Field Name:
schema
UID
Type: String
Description: The unique Spyderbat ID for the service
Field Name:
id
Pod
Cluster Name
Type: String
Description: The name of the kubernetes cluster the pod belongs to
Field Name:
cluster_name
Cluster UID
Type: String
Description: The unique Spyderbat id for the kubernetes cluster the pod belongs to
Field Name:
cluster_uid
Deployment UID
Type: String
Description: The spyderbat unique id for the deployment the pod is associated with
Field Name:
deployment_uid
Deployment name
Type: String
Description: The name of the deployment the pod is associated with
Field Name:
deployment_name
Kubernetes uid
Type: String
Description: The kubernetes unique id for the pod as reported in the metadata
Field Name:
metadata.uid
Labels
Type: Dictionary of Strings to Strings
Description: The kubernetes labels for the pod as reported in the metadata
Field Name:
metadata.labels
Machine UID
Type: String
Description: The unique machine ID associated with this pod
Field Name:
muid
Name
Type: String
Description: The kubernetes name for the pod as reported in the metadata
Field Name:
metadata.name
Namespace
Type: String
Description: The kubernetes namespace for the pod as reported in the metadata
Field Name:
metadata.namespace
Node UID
Type: String
Description: The spyderbat unique id for the node the pod is running on
Field Name:
node_uid
Owner Kind
Type: String
Description: The kind of the resource that owns the pod
Field Name:
owner_kind
Owner Name
Type: String
Description: The name of the resource that owns the pod
Field Name:
owner_name
Owner UID
Type: String
Description: The Spyderbat unique uid of the resource that owns the pod
Field Name:
owner_uid
Schema
Type: String
Description: The Spyderbat schema for the pod model
Field Name:
schema
UID
Type: String
Description: The unique Spyderbat ID for the pod
Field Name:
id
Role
Cluster Name
Type: String
Description: The name of the kubernetes cluster the role belongs to
Field Name:
cluster_name
Cluster UID
Type: String
Description: The unique Spyderbat id for the kubernetes cluster the role belongs to
Field Name:
cluster_uid
Kubernetes uid
Type: String
Description: The kubernetes unique id for the role as reported in the metadata
Field Name:
metadata.uid
Labels
Type: Dictionary of Strings to Strings
Description: The kubernetes labels for the role as reported in the metadata
Field Name:
metadata.labels
Name
Type: String
Description: The kubernetes name for the role as reported in the metadata
Field Name:
metadata.name
Namespace
Type: String
Description: The kubernetes namespace for the role as reported in the metadata
Field Name:
metadata.namespace
Schema
Type: String
Description: The Spyderbat schema for the role model
Field Name:
schema
UID
Type: String
Description: The unique Spyderbat ID for the role
Field Name:
id
Cluster Role
Cluster Name
Type: String
Description: The name of the kubernetes cluster the role belongs to
Field Name:
cluster_name
Cluster UID
Type: String
Description: The unique Spyderbat id for the kubernetes cluster the role belongs to
Field Name:
cluster_uid
Kubernetes uid
Type: String
Description: The kubernetes unique id for the role as reported in the metadata
Field Name:
metadata.uid
Labels
Type: Dictionary of Strings to Strings
Description: The kubernetes labels for the role as reported in the metadata
Field Name:
metadata.labels
Name
Type: String
Description: The kubernetes name for the role as reported in the metadata
Field Name:
metadata.name
Schema
Type: String
Description: The Spyderbat schema for the role model
Field Name:
schema
UID
Type: String
Description: The unique Spyderbat ID for the role
Field Name:
id
Service Account
Cluster Name
Type: String
Description: The name of the kubernetes cluster the service account belongs to
Field Name:
cluster_name
Cluster UID
Type: String
Description: The unique Spyderbat id for the kubernetes cluster the service account belongs to
Field Name:
cluster_uid
Kubernetes uid
Type: String
Description: The kubernetes unique id for the service account as reported in the metadata
Field Name:
metadata.uid
Labels
Type: Dictionary of Strings to Strings
Description: The kubernetes labels for the service account as reported in the metadata
Field Name:
metadata.labels
Name
Type: String
Description: The kubernetes name for the service account as reported in the metadata
Field Name:
metadata.name
Namespace
Type: String
Description: The kubernetes namespace for the service account as reported in the metadata
Field Name:
metadata.namespace
Schema
Type: String
Description: The Spyderbat schema for the service account model
Field Name:
schema
UID
Type: String
Description: The unique Spyderbat ID for the service account
Field Name:
id
Role Binding
Cluster Name
Type: String
Description: The name of the kubernetes cluster the rolebinding belongs to
Field Name:
cluster_name
Cluster UID
Type: String
Description: The unique Spyderbat id for the kubernetes cluster the rolebinding belongs to
Field Name:
cluster_uid
Kubernetes uid
Type: String
Description: The kubernetes unique id for the rolebinding as reported in the metadata
Field Name:
metadata.uid
Labels
Type: Dictionary of Strings to Strings
Description: The kubernetes labels for the rolebinding as reported in the metadata
Field Name:
metadata.labels
Name
Type: String
Description: The kubernetes name for the rolebinding as reported in the metadata
Field Name:
metadata.name
Namespace
Type: String
Description: The kubernetes namespace for the rolebinding as reported in the metadata
Field Name:
metadata.namespace
Schema
Type: String
Description: The Spyderbat schema for the rolebinding model
Field Name:
schema
UID
Type: String
Description: The unique Spyderbat ID for the rolebinding
Field Name:
id
Cluster Role Binding
Cluster Name
Type: String
Description: The name of the kubernetes cluster the clusterrolebinding belongs to
Field Name:
cluster_name
Cluster UID
Type: String
Description: The unique Spyderbat id for the kubernetes cluster the clusterrolebinding belongs to
Field Name:
cluster_uid
Kubernetes uid
Type: String
Description: The kubernetes unique id for the clusterrolebinding as reported in the metadata
Field Name:
metadata.uid
Labels
Type: Dictionary of Strings to Strings
Description: The kubernetes labels for the clusterrolebinding as reported in the metadata
Field Name:
metadata.labels
Name
Type: String
Description: The kubernetes name for the clusterrolebinding as reported in the metadata
Field Name:
metadata.name
Schema
Type: String
Description: The Spyderbat schema for the clusterrolebinding model
Field Name:
schema
UID
Type: String
Description: The unique Spyderbat ID for the clusterrolebinding
Field Name:
id
Listening Socket
Duration
Type: Number
Description: The duration of the model in seconds
Field Name:
duration
Local IP
Type: IP Address
Description: The local IP address, or originating address of the connection
Field Name:
local_ip
Local port
Type: Integer
Description: The local port of the connection
Field Name:
local_port
Machine UID
Type: String
Description: The unique machine ID associated with this model or event
Field Name:
muid
Process UIDs
Type: List of Strings
Description: The unique Spyderbat IDs for the associated processes to this socket
Field Name:
puids
Schema
Type: String
Description: The full schema string of the listening socket
Field Name:
schema
Status
Type: String
Description: Status of this model: closed or active
Field Name:
status
UID
Type: String
Description: The unique Spyderbat ID for the listening socket.
Field Name:
id
Connection
Bytes Received
Type: Integer
Description: The number of bytes received on the local side of the connection.
Field Name:
bytes_rx
Bytes Sent
Type: Integer
Description: The number of bytes sent on to the remote side of the connection.
Field Name:
bytes_tx
Cgroup
Type: String
Description: The latest cgroup associated with the connection.
Field Name:
cgroup
Container UID
Type: String
Description: The unique ID of the container associated with the connection.
Field Name:
container_uid
Destination
Type: List of Strings
Description: The destinations of the connection (max 100 array). "ipv4|ipv6:remote_ip:remote_port".
Field Name:
dsts
Direction
Type: String
Description: The direction of the connection: "inbound", "outbound", or "unknown".
Field Name:
direction
Duration
Type: Number
Description: The duration of the connection model in seconds at time of last update.
Field Name:
duration
Family
Type: String
Description: Family: IPV4 or IPV6.
Field Name:
family
Local IP
Type: IP Address
Description: The local IP address, or originating address of the connection
Field Name:
local_ip
Local port
Type: Integer
Description: The local port of the connection
Field Name:
local_port
Machine UID
Type: String
Description: The unique ID of the machine associated with the connection.
Field Name:
muid
Payload
Type: String
Description: A string representation of the payload of the connection. For example, the domain name of a DNS request response.
Field Name:
payload
Peer connection UID
Type: String
Description: The unique ID of the peer remote connection if seen by Spyderbat.
Field Name:
peer_cuid
Peer machine UID
Type: String
Description: The unique ID of the peer connection's machine if seen by Spyderbat.
Field Name:
peer_muid
Peer process UID
Type: String
Description: The unique ID of the peer connection's process if seen by Spyderbat.
Field Name:
peer_puid
Process UID
Type: String
Description: The unique ID of the latest process associated with the connection.
Field Name:
puid
Process UIDs
Type: List of Strings
Description: The unique IDs of the process(es) associated with the connection.
Field Name:
puids
Process name
Type: String
Description: The name of the process associated with the connection.
Field Name:
proc_name
Remote IP
Type: IP Address
Description: The IP address on the remote side of the connection.
Field Name:
remote_ip
Remote hostname
Type: String
Description: The hostname on the remote side of the connection.
Field Name:
remote_hostname
Remote port
Type: Integer
Description: The port number on the remote side of the connection.
Field Name:
remote_port
Schema
Type: String
Description: The full schema of the connection.
Field Name:
schema
Sources
Type: List of Strings
Description: The objects that are the source of the connection (max 100 array).
Field Name:
srcs
Spydertraces
Type: List of Strings
Description: The unique IDs of the spydertraces this connection is a part of.
Field Name:
traces
Status
Type: String
Description: Status of the connection: closed or active.
Field Name:
status
UID
Type: String
Description: The unique ID for this connection.
Field Name:
id
Machine
Boot Time
Type: Number
Description: The time at which the machine was booted.
Field Name:
boot_time
CPU Architecture
Type: String
Description: The architecture of the CPU that is installed in the machine.
Field Name:
machine_processor
CPU Model
Type: String
Description: The model of the CPU that is installed in the machine.
Field Name:
cpu_model
Cloud Image ID
Type: String
Description: If from a cloud provider, the image ID.
Field Name:
cloud_image_id
Cloud Instance ID
Type: String
Description: If from a cloud provider, the instance ID of the virtual machine.
Field Name:
cloud_instance_id
Cloud Region ID
Type: String
Description: If from a cloud provider, the region ID.
Field Name:
cloud_region
Cloud Tags
Type: Dictionary of Strings to Strings
Description: If from a cloud provider, the tags associated with the machine.
Field Name:
cloud_tags
Cloud Type
Type: String
Description: If from a cloud provider, the type of cloud provider.
Field Name:
cloud_type
Cluster Name
Type: String
Description: The name of the cluster the machine is associated with.
Field Name:
cluster_name
Duration
Type: Number
Description: The amount of time the machine has been running in seconds.
Field Name:
duration
Hostname
Type: String
Description: The hostname of the machine.
Field Name:
hostname
Kernel Modules
Type: List of Strings
Description: The list of kernel modules that are installed on the machine.
Field Name:
kernel_mods
OS Release
Type: String
Description: The release of the operating system installed on the machine.
Field Name:
os_release
OS System
Type: String
Description: The system of the operating system installed on the machine. Generally "linux".
Field Name:
os_system
OS Version
Type: String
Description: The version of the operating system installed on the machine.
Field Name:
os_version
OS name
Type: String
Description: The name of the operating system installed on the machine.
Field Name:
os_name
Private IP Address
Type: List of Strings
Description: The private IP addresses associated with the machine.
Field Name:
private_ip
Public IP Address
Type: List of Strings
Description: The public IP addresses associated with the machine.
Field Name:
public_ip
Schema
Type: String
Description: The full schema of the machine.
Field Name:
schema
UID
Type: String
Description: The unique ID for this machine.
Field Name:
id
Fingerprint
status
Type: String
Field Name:
status
cgroup
Type: String
Field Name:
cgroup
service_name
Type: String
Field Name:
service_name
image
Type: String
Field Name:
image
image_id
Type: String
Field Name:
image_id
container_name
Type: String
Field Name:
container_name
container_id
Type: String
Field Name:
container_id
Machine UID
Type: String
Field Name:
muid
Root Process UID
Type: String
Field Name:
root_puid
Schema
Type: String
Field Name:
schema
UID
Type: String
Description: The unique Spyderbat ID for this model
Field Name:
id
Process
src_uid
Type: String
Field Name:
src_uid
Ancestors
Type: List of Strings
Description: A list of the names of the ancestor processes
Field Name:
ancestors
Arguments
Type: List of Strings
Description: The arguments specified when the process is started
Field Name:
args
Authenticated user
Type: String
Description: The authenticated user name
Field Name:
auser
CGroup
Type: String
Description: The Cgroup, if any, associated with the process
Field Name:
cgroup
Container
Type: String
Description: The container ID
Field Name:
container
Container UID
Type: String
Description: The spyderbat ID for the container model, if any
Field Name:
container_uid
Duration
Type: Number
Description: The duration of the model in seconds
Field Name:
duration
Effective user
Type: String
Description: The effective user who created the process
Field Name:
euser
Environment Variables
Type: Dictionary of Strings to Strings
Description: A map with the name and value of all environment variables set at the time of process creation
Field Name:
environ
Executable
Type: String
Description: The pathname of the executable associated with the process
Field Name:
exe
Interactive
Type: Boolean
Description: Specifies if the process is associated with a terminal, and indicates if there is a human user who likely created the process
Field Name:
interactive
Machine UID
Type: String
Description: The unique ID of the associated machine
Field Name:
muid
Name
Type: String
Description: The name of the process
Field Name:
name
Organization UID
Type: String
Description: The unique ID of the Spyderbat organization that owns this data
Field Name:
org_uid
PID
Type: Integer
Description: The Unix process ID for this process
Field Name:
pid
Parent PID
Type: Integer
Description: Unix process ID for the parent of this process
Field Name:
ppid
Parent process UID
Type: String
Description: The unique Spyderbat ID of the parent process object
Field Name:
ppuid
Schema
Type: String
Description: The string model_process:...
Field Name:
schema
Session UID
Type: String
Description: The Spyderbat UID for the associated session
Field Name:
suid
Status
Type: String
Description: Status of this model: closed or active
Field Name:
status
Thread
Type: Boolean
Description: Indicates that this process is a thread
Field Name:
thread
Traces
Type: List of Strings
Description: An array of Spyderbat UID for traces associated with this process
Field Name:
traces
UID
Type: String
Description: The unique Spyderbat ID for this model
Field Name:
id
Last updated