SchemaSpy Analysis of SIEM.publicWe recommend you use the Views and not the Tables for any reports you write | Generated by SchemaSpy |
Generated by SchemaSpy on Mon Mar 26 23:24 EDT 2012 | |
Database Type: PostgreSQL - 9.0.4 |
|
XML Representation Insertion Order Deletion Order (for database loading/purging scripts) |
Table / View | Children | Parents | Columns | Rows | Comments |
---|---|---|---|---|---|
actvy | 3 | 14 | 0 | iTRAC activity (aka action) details | |
actvy_parm | 1 | 1 | 14 | 0 | Details of iTRAC activity parameters |
actvy_parm_rpt_v | 14 | view | Details of iTRAC activity parameters | ||
actvy_ref | 2 | 2 | 7 | 0 | Details of iTRAC activity references |
actvy_ref_parm_val | 3 | 8 | 0 | Details of iTRAC activity reference parameter values | |
actvy_ref_parm_val_rpt_v | 8 | view | Details of iTRAC activity reference parameter values | ||
actvy_ref_rpt_v | 7 | view | Details of iTRAC activity references | ||
actvy_rpt_v | 14 | view | iTRAC activity (aka action) details | ||
adv_nxs_feed | 11 | 0 | Advisor feed files that are processed on regular schedule | ||
adv_nxs_feed_v | 11 | view | Advisor feed files that are processed on regular schedule | ||
adv_nxs_kb_patch | 1 | 9 | 0 | The patches that are required to remove vulnerabilities | |
adv_nxs_kb_patch_v | 9 | view | The patches that are required to remove vulnerabilities | ||
adv_nxs_kb_productsref | 1 | 10 | 0 | The products that are affected by vulnerability | |
adv_nxs_kb_productsref_v | 10 | view | The products that are affected by vulnerability | ||
adv_nxs_mappings | 4 | 15 | 0 | The mapping between each product such as IDS product signature, Vulnerability product signatures etc. | |
adv_nxs_mappings_v | 15 | view | The mapping between each product such as IDS product signature, Vulnerability product signatures etc. | ||
adv_nxs_osvdb_details | 2 | 44 | 0 | Known vulnerabilities from the OSVDB and the classification to which the vulnerability applies. | |
adv_nxs_osvdb_details_v | 44 | view | Known vulnerabilities from the OSVDB and the classification to which the vulnerability applies. | ||
adv_nxs_products | 1 | 13 | 0 | All the products that are supported by Novell for Advisor. | |
adv_nxs_products_v | 13 | view | All the products that are supported by Novell for Advisor. | ||
adv_nxs_signatures | 4 | 1 | 10 | 0 | List of signatures of the products that are supported by Novell for Advisor. |
adv_nxs_signatures_v | 10 | view | List of signatures of the products that are supported by Novell for Advisor. | ||
annotations | 7 | 0 | Annotations (or notes) attached to incidents | ||
annotations_rpt_v | 7 | view | Annotations (or notes) attached to incidents | ||
asset | 1 | 7 | 15 | 0 | Associates an asset with all of the detailed information about that asset, which is located in other tables. |
asset_category_rpt_v | 6 | view | Asset category information | ||
asset_ctgry | 1 | 6 | 0 | Asset category information | |
asset_hostname | 8 | 0 | Asset hostname information | ||
asset_hostname_rpt_v | 8 | view | Asset hostname information | ||
asset_ip | 1 | 8 | 0 | Asset IP address information | |
asset_ip_rpt_v | 8 | view | Asset IP address information | ||
asset_loc | 1 | 13 | 0 | Asset geographical location information | |
asset_location_rpt_v | 13 | view | Asset geographical location information | ||
asset_rpt_v | 15 | view | Associates an asset with all of the detailed information about that asset, which is located in other tables. | ||
asset_val_lkup | 1 | 6 | 0 | Asset value types | |
asset_value_rpt_v | 6 | view | Asset value types | ||
asset_x_entity_x_role | 5 | 10 | 0 | Associates an asset with all of the people, roles, and organizations related to the asset. | |
asset_x_entity_x_role_rpt_v | 10 | view | Associates an asset with all of the people, roles, and organizations related to the asset. | ||
associations | 8 | 0 | A table used for associating objects in various tables (such as users to incident, incident to annotations, etc.) | ||
associations_rpt_v | 8 | view | A table used for associating objects in various tables (such as users to incident, incident to annotations, etc.) | ||
attachments | 12 | 0 | Incident attachments | ||
attachments_rpt_v | 12 | view | Incident attachments | ||
configs | 9 | 0 | General configuration information of the system. | ||
configs_rpt_v | 9 | view | General configuration information of the system. | ||
console_slms | 1 | 12 | 0 | The list of distributed search initiators configured in this system. | |
contacts_rpt_v | 13 | view | The list of Sentinel users | ||
corr_act_def | 2 | 7 | 0 | Definitions of actions, which is useful for describing actions in action configuration user interfaces. | |
corr_act_meta | 1 | 7 | 0 | Action metadata that is useful to describing an action, particular for use in action configuration user interfaces. | |
corr_act_parm | 2 | 9 | 0 | Stores the parameter values (e.g, as entered by a user) for instances of actions. | |
corr_act_parm_def | 1 | 1 | 8 | 0 | The definitions of action parameters, which is useful for describing action parameters in action configuration user interfaces. |
corr_deploy_config | 1 | 1 | 8 | 0 | Correlation rule deployment configuration details. |
corr_engine_config | 2 | 9 | 0 | Correlation engine configuration details. | |
corr_rule | 12 | 0 | Correlation rules | ||
corr_rule_cfg | 2 | 10 | 0 | Correlation rule configuration details. | |
correlated_events | 9 | 0 | Associates a correlation event with the events that triggered the correlation event. This table is used to figure out what caused a correlation rule to fire. | ||
correlated_events_rpt_v | 9 | view | Associates a correlation event with the events that triggered the correlation event. This table is used to figure out what caused a correlation rule to fire. | ||
crit_lkup | 1 | 6 | 0 | Asset criticality types | |
criticality_rpt_v | 6 | view | Asset criticality types | ||
cust | 6 | 0 | Lists of all of the MSSP customer names. | ||
cust_hierarchy | 10 | 0 | The hierarchy of an MSSP customer. This is used to create a logical organization of customer names. | ||
cust_hierarchy_v | 10 | view | The hierarchy of an MSSP customer. This is used to create a logical organization of customer names. | ||
cust_rpt_v | 6 | view | Lists of all of the MSSP customer names. | ||
disk_monitor | 4 | 0 | Disk size information collected by a periodically run disk monitor job. | ||
dist_search_config | 9 | 0 | Distributed search configuration. | ||
entity_typ_lkup | 1 | 6 | 0 | Asset entity types (such as person, organization) | |
entity_type_rpt_v | 6 | view | Asset entity types (such as person, organization) | ||
env_identity_lkup | 1 | 6 | 0 | Asset environment identity types | |
env_identity_rpt_v | 6 | view | Asset environment identity types | ||
esec_content | 2 | 11 | 0 | Part of the solution pack content tracking system. This table holds the details of the content that is present in a solution pack. | |
esec_content_grp | 1 | 1 | 9 | 0 | Part of the solution pack content tracking system. This table holds the details of the content groups that are present in a solution pack. |
esec_content_grp_content | 3 | 8 | 0 | Part of the solution pack content tracking system. This table associates content groups to content. | |
esec_content_grp_content_rpt_v | 8 | view | Part of the solution pack content tracking system. This table associates content groups to content. | ||
esec_content_grp_rpt_v | 9 | view | Part of the solution pack content tracking system. This table holds the details of the content groups that are present in a solution pack. | ||
esec_content_pack | 1 | 8 | 0 | Part of the solution pack content tracking system. This table holds the details of the solution packs that are present in the system. | |
esec_content_pack_rpt_v | 8 | view | Part of the solution pack content tracking system. This table holds the details of the solution packs that are present in the system. | ||
esec_content_rpt_v | 11 | view | Part of the solution pack content tracking system. This table holds the details of the content that is present in a solution pack. | ||
esec_ctrl | 1 | 1 | 11 | 0 | Part of the solution pack content tracking system. This table holds the details of the controls that are present in a solution pack. |
esec_ctrl_ctgry | 1 | 1 | 9 | 0 | Part of the solution pack content tracking system. This table holds the details of the control categories that are present in a solution pack. |
esec_ctrl_ctgry_rpt_v | 9 | view | Part of the solution pack content tracking system. This table holds the details of the control categories that are present in a solution pack. | ||
esec_ctrl_rpt_v | 11 | view | Part of the solution pack content tracking system. This table holds the details of the controls that are present in a solution pack. | ||
esec_db_patches | 4 | 0 | Contains a list of the patches applied to the database schema. | ||
esec_db_version | 4 | 1 | The version of the database schema. | ||
esec_display | 15 | 0 | Contains a list of all event fields, including their name, whether they are populated with data by the mapping service, and other details related to the field. | ||
esec_display_rpt_v | 15 | view | Contains a list of all event fields, including their name, whether they are populated with data by the mapping service, and other details related to the field. | ||
esec_namespace | 7 | 0 | (Deprecated) Information about namespaces folders that certain objects (such as correlation rules) are able to be defined within. | ||
esec_namespace_leaf | 7 | 0 | (Deprecated) Information about namespaces that certain objects (such as correlation rules) are able to be defined within. A namespace leaf represents the association of an instance of an object with the namespace. | ||
esec_port_reference | 1 | 8 | 0 | Industry standard assigned port numbers | |
esec_port_reference_rpt_v | 8 | view | Industry standard assigned port numbers | ||
esec_protocol_reference | 1 | 7 | 0 | Industry standard assigned protocol numbers | |
esec_protocol_reference_rpt_v | 7 | view | Industry standard assigned protocol numbers | ||
esec_sequence | 7 | 0 | Used to generate primary key sequence for other tables | ||
esec_sequence_rpt_v | 7 | view | Used to generate primary key sequence for other tables | ||
esec_user_report_state | 2 | 7 | 0 | Status details of user's report (e.g., read/unread) | |
esec_uuid_uuid_assoc | 8 | 0 | Associates objects in one table to objects in another table. This table is used to associate a variety of objects with other kinds of objects (such as a Report Data Definition with the Data Synchronization Policy it relates to). | ||
esec_uuid_uuid_assoc_rpt_v | 8 | view | Associates objects in one table to objects in another table. This table is used to associate a variety of objects with other kinds of objects (such as a Report Data Definition with the Data Synchronization Policy it relates to). | ||
event_data_sync_policies | 9 | 0 | Data synchronization policy configuration data. | ||
evt_datasync_info | 9 | 0 | Data synchronization status data. | ||
evt_src | 2 | 1 | 10 | 0 | The configuration information for all event source nodes. |
evt_src_collector | 1 | 2 | 11 | 0 | The configuration information for all collector nodes. |
evt_src_collector_rpt_v | 11 | view | The configuration information for all collector nodes. | ||
evt_src_deleted | 10 | 0 | The configuration information for all deleted event source nodes. | ||
evt_src_grp | 1 | 3 | 12 | 0 | The configuration information for all connector nodes (event source group is an internal name used for connector nodes). |
evt_src_grp_rpt_v | 12 | view | The configuration information for all connector nodes (event source group is an internal name used for connector nodes). | ||
evt_src_mgr | 3 | 2 | 10 | 0 | The configuration information for all collector manager nodes (event source manager is an internal name used for collector manager nodes). |
evt_src_mgr_rpt_v | 10 | view | The configuration information for all collector manager nodes (event source manager is an internal name used for collector manager nodes). | ||
evt_src_offset | 1 | 7 | 0 | The offset data for event source nodes. | |
evt_src_offset_rpt_v | 7 | view | The offset data for event source nodes. | ||
evt_src_rpt_v | 10 | view | The configuration information for all event source nodes. | ||
evt_src_srvr | 2 | 2 | 10 | 0 | The configuration information for all event source server nodes. |
evt_src_srvr_rpt_v | 10 | view | The configuration information for all event source server nodes. | ||
ext_data | 9 | 0 | This table is used with external incident tracking to store a reference to the copy of the incident in the external system (such the ID of the incident located in the external system). | ||
external_data_rpt_v | 9 | view | This table is used with external incident tracking to store a reference to the copy of the incident in the external system (such the ID of the incident located in the external system). | ||
filters | 1 | 12 | 0 | Filters used for various contexts | |
global_filter_corr_action_association | 2 | 6 | 0 | Association between Global filter and Correlation Actions | |
global_filters | 2 | 13 | 0 | A list of global filters | |
incidents | 1 | 1 | 15 | 0 | Details of incidents |
incidents_assets | 6 | 0 | Assets that are associated with incidents | ||
incidents_assets_rpt_v | 6 | view | Assets that are associated with incidents | ||
incidents_events | 1 | 8 | 0 | Events that are associated with incidents | |
incidents_events_rpt_v | 8 | view | Events that are associated with incidents | ||
incidents_rpt_v | 15 | view | Details of incidents | ||
incidents_vuln | 6 | 0 | Vulnerabilities that are associated with incidents | ||
incidents_vuln_rpt_v | 6 | view | Vulnerabilities that are associated with incidents | ||
integrator_config | 1 | 10 | 0 | The configuration information for instances of integrators. | |
ixlog_part | 1 | 22 | 0 | Details of the event partitions located in the file-based event store | |
license_record | 5 | 0 | Holds records used for recording license compliance. | ||
license_record_hours | 5 | 0 | Holds records used for recording license compliance. | ||
license_record_lock | 0 | 0 | Used for synchronization of the license record trigger. | ||
md_config | 1 | 12 | 0 | Various system configuration settings. | |
md_view_config | 10 | 0 | Configuration of the configurable table views in Sentinel Control Center. Table views are available for many objects, such as incidents, iTRAC processes, etc. | ||
mssp_associations | 8 | 0 | Associates an MSSP Customer with that customer's objects (such as vulnerabilities, assets, etc.) | ||
mssp_associations_v | 8 | view | Associates an MSSP Customer with that customer's objects (such as vulnerabilities, assets, etc.) | ||
network_identity_lkup | 1 | 6 | 0 | Asset network identity types | |
network_identity_rpt_v | 6 | view | Asset network identity types | ||
organization | 1 | 7 | 0 | Asset organization information | |
organization_rpt_v | 7 | view | Asset organization information | ||
partition_sync_info | 4 | 0 | Partition data synchronization status data. | ||
permissions | 1 | 8 | 0 | Contains the list of predefined permissions for various functionality. | |
person | 1 | 10 | 0 | Information about a person that is related to an asset | |
person_rpt_v | 10 | view | Information about a person that is related to an asset | ||
physical_asset | 2 | 2 | 13 | 0 | Associates a physical asset with all of its physical asset attributes (such as IP, location, etc.) |
physical_asset_rpt_v | 13 | view | Associates a physical asset with all of its physical asset attributes (such as IP, location, etc.) | ||
prdt | 1 | 1 | 8 | 0 | Asset product information |
product_rpt_v | 8 | view | Asset product information | ||
raw_data_files_info | 10 | 0 | Details of the raw data files located in the file-based raw data store | ||
role_lkup | 1 | 6 | 0 | Asset role types (such as business unit, department, division, etc.) | |
role_rpt_v | 6 | view | Asset role types (such as business unit, department, division, etc.) | ||
scheduled_job_detail | 15 | 0 | Details of jobs scheduled to run (such as running a report on a schedule). | ||
sensitivity_lkup | 1 | 6 | 0 | Asset sensitivity types | |
sensitivity_rpt_v | 6 | view | Asset sensitivity types | ||
sentinel | 2 | 9 | 0 | A list of Sentinel systems known by this system. Currently, this table only contains the local live Sentinel system as well as the "offline" Sentinel used in the Event Source Manager Scratch Pad user interface. | |
sentinel_host | 1 | 1 | 11 | 0 | Details of the machine on which a sentinel component is installed. |
sentinel_host_rpt_v | 11 | view | Details of the machine on which a sentinel component is installed. | ||
sentinel_plugin | 6 | 11 | 0 | Details of plug-ins (such as collector, connector, and reports) imported into the system. This table references the plug-in zip files, which are located on the Sentinel server filesystem. | |
sentinel_plugin_rpt_v | 11 | view | Details of plug-ins (such as collector, connector, and reports) imported into the system. This table references the plug-in zip files, which are located on the Sentinel server filesystem. | ||
sentinel_rpt_v | 9 | view | A list of Sentinel systems known by this system. Currently, this table only contains the local live Sentinel system as well as the "offline" Sentinel used in the Event Source Manager Scratch Pad user interface. | ||
states | 2 | 8 | 0 | Definitions of possible states of incidents | |
states_rpt_v | 8 | view | Definitions of possible states of incidents | ||
tag_event_source_association | 2 | 6 | 0 | Association of event source and tags | |
tag_event_source_association_v | 6 | view | Association of event source and tags | ||
tag_event_source_server_association | 2 | 6 | 0 | Association of event source server and tags | |
tag_event_source_server_association_v | 6 | view | Association of event source server and tags | ||
tag_event_src_manager_association | 2 | 6 | 0 | Association of collector manager and tags | |
tag_event_src_manager_association_v | 6 | view | Association of collector manager and tags | ||
tag_global_filter_association | 2 | 6 | 0 | Association between Tags and Global filter | |
tag_plugin_association | 2 | 7 | 0 | Association of plug-ins (such a reports) and tags | |
tag_plugin_association_v | 7 | view | Association of plug-ins (such a reports) and tags | ||
tags | 7 | 6 | 0 | List of tags | |
tags_v | 6 | view | List of tags | ||
target_slms | 10 | 0 | The list of distributed search targets configured in this system. | ||
txnmy_node | 8 | 0 | (Deprecated) Data for all of the nodes in the hierarchical taxonomy tree. The XDAS taxonomy is now used instead of this data structure. | ||
unassigned_incidents_rpt_v | 15 | view | Details of unassigned incidents | ||
user_group_mappings | 2 | 6 | 0 | Association between Sentinel users and groups (aka roles). | |
user_group_permissions | 2 | 7 | 0 | The permissions granted to a Sentinel group (aka role). | |
user_group_tags | 2 | 6 | 0 | (Not yet used) The tags associated with a Sentinel group (aka role). | |
user_groups | 4 | 11 | 0 | Sentinel groups (aka roles). | |
user_tag_permission_rules | 10 | 0 | (Not yet used) Defines the access a Sentinel group (aka role) has on objects tagged with certain tags. | ||
user_tag_permission_rules_v | 10 | view | Defines the access a Sentinel group (aka role) has on objects tagged with certain tags. | ||
user_tag_state | 2 | 6 | 0 | Association of users and tags. | |
user_tag_state_v | 6 | view | Association of users and tags. | ||
users | 4 | 1 | 20 | 0 | The list of Sentinel users |
users_rpt_v | 20 | view | The list of Sentinel users | ||
usr_account | 1 | 14 | 0 | Accounts associated with a user's identity | |
usr_account_rpt_v | 14 | view | Accounts associated with a user's identity | ||
usr_account_trust | 1 | 12 | 0 | Trusts (e.g., roles) associated with a user's identity | |
usr_account_trust_assoc | 6 | 0 | Association between a user's account and trusts | ||
usr_account_trust_history | 8 | 0 | This table keeps track of the association between a user's account and trusts they were part of in the past (but may not be now). | ||
usr_identity | 2 | 20 | 0 | User's Identity information (for example, synchronized from Novell Identity Manager or Microsoft Active Directory) | |
usr_identity_ext_attr | 1 | 3 | 0 | User's extended identity attributes | |
usr_identity_ext_attr_rpt_v | 3 | view | User's extended identity attributes | ||
usr_identity_rpt_v | 20 | view | User's Identity information (for example, synchronized from Novell Identity Manager or Microsoft Active Directory) | ||
usr_trust_type | 1 | 6 | 0 | Table of trust types. | |
vendor_rpt_v | 6 | view | Asset product vendor information | ||
vndr | 1 | 6 | 0 | Asset product vendor information | |
vuln | 3 | 1 | 27 | 0 | Vulnerability details |
vuln_calc_severity_rpt_v | 7 | view | Contains each resource (e.g., a host) scanned by a particular scanner and vulnerabilities | ||
vuln_code | 1 | 9 | 0 | Industry Standard assigned Vulnerability Codes | |
vuln_code_rpt_v | 9 | view | Industry Standard assigned Vulnerability Codes | ||
vuln_info | 1 | 8 | 0 | Additional information reported during scan | |
vuln_info_rpt_v | 8 | view | Additional information reported during scan | ||
vuln_rpt_v | 27 | view | Vulnerability details | ||
vuln_rsrc | 2 | 1 | 15 | 0 | Contains each resource (e.g., a host) scanned by a particular scanner |
vuln_rsrc_rpt_v | 15 | view | Contains each resource (e.g., a host) scanned by a particular scanner | ||
vuln_rsrc_scan | 2 | 6 | 0 | Associates which resources were scanned by a particular scanning operation of a scanner. | |
vuln_rsrc_scan_rpt_v | 6 | view | Associates which resources were scanned by a particular scanning operation of a scanner. | ||
vuln_scan | 2 | 1 | 11 | 0 | A list of each scan operation a scanner performed. |
vuln_scan_rpt_v | 10 | view | A list of each scan operation a scanner performed. | ||
vuln_scan_vuln | 2 | 6 | 0 | Associates which vulnerabilities were found during a particular scan operation. | |
vuln_scan_vuln_rpt_v | 6 | view | Associates which vulnerabilities were found during a particular scan operation. | ||
vuln_scanner | 2 | 10 | 0 | The list of vulnerability scanners whose data was uploaded into the system. | |
vuln_scanner_rpt_v | 10 | view | The list of vulnerability scanners whose data was uploaded into the system. | ||
workflow_def | 6 | 0 | The iTRAC workflow templates. | ||
workflow_def_rpt_v | 6 | view | The iTRAC workflow templates. | ||
workflow_info | 7 | 0 | Associates iTRAC workflow templates with instances of workflow processes. | ||
workflow_info_rpt_v | 7 | view | Associates iTRAC workflow templates with instances of workflow processes. | ||
128 Tables | 1,193 | 1 | |||
87 Views | 857 |