Table SIEM.public.correlated_events Associates a correlation event with the events that triggered the correlation event. This table is used to figure out what caused a correlation rule to fire.
|
Generated by SchemaSpy |
Indexes:
Column(s) | Type | Sort | Constraint Name |
---|---|---|---|
parent_evt_time + parent_evt_id + child_evt_time + child_evt_id | Primary key | Asc/Asc/Asc/Asc | corr_events_p_max_pk |
date_created + parent_evt_id + child_evt_id | Performance | Asc/Asc/Asc | corr_events_dc_pa_ch_idx |
parent_part_id | Performance | Asc | corr_events_parent_part_id_idx |