Novell Home

Sentinel DB Views

This page may be out of date and will be replaced during the Beta; please refer to the interactive schema page for more information.

From Developer Community

Contents

Sentinel Schema ER Diagrams

Advisor

Advisor

Aggregation Service

Aggregation_Service

Asset

Asset

Content Management

Content_Management

Correlation

Correlation

Events

Events

Event Source Management

Event_Source_Management

Event Summaries

Event_Summaries

Incidents

Incidents

Policy Based Archiving

Policy_Based_Archiving

Sentinel Data Manager

Sentinel_Data_Manager

Vulnerability

Vulnerability

Workflow Activity

Workflow_Activity

SQL Server Views

Oracle Views

This section lists the Sentinel™ schema views for Oracle*. The views provide information for developing your own reports (Crystal Reports*). Sentinel defines an event schema that is used to hold the parsed data received from event sources. For more information on the Sentinel Event schema, see Event schema.

Views

Listed below are the views available with Sentinel.

ACTVY_PARM_RPT_V

This view contains information about iTRAC™ activities.

Column Name Datatype Comment
ACTVY_PARM_ID varchar2(36) Activity parameter identifier
ACTVY_ID varchar2(36) Activity identifier
PARM_NAME varchar2(255) Activity Parameter name
PARM_TYP_CD varchar2(1) Activity parameter type code
DATA_TYP varchar2(50) Activity parameter data type
DATA_SUBTYP varchar2(50) Activity parameter data subtype
RQRD_F number (1,0) Required flag
PARM_DESC varchar2(255) Activity parameter description
PARM_VAL varchar2(1000) Activity parameter value
FORMATTER varchar2(255) Activity parameter formatter
DATE_CREATED date Date the entry was created
DATE_MODIFIED date Date the entry was modified
CREATED_BY number (38,0) User who created the object
MODIFIED_BY number (38,0) User who last modified the object

ACTVY_REF_PARM_VAL_RPT_V

This view contains information about iTRAC™ activities.

Column Name Datatype Comment
ACTVY_ID varchar2(36) Activity identifier
ACTVY_PARM_ID varchar2(36) Activity parameter identifier
CREATED_BY number(38,0) User who created the object
DATE_CREATED Date Date the entry was created
DATE_MODIFIED Date Date the entry was modified
MODIFIED_BY number(38,0) User who last modified the object
PARM_VAL varchar2(1000) Activity parameter value
SEQ_NUM number(38,0) Sequence number

ACTVY_REF_RPT_V

This view contains information about iTRAC activities.

Column Name Datatype Comment
ACTVY_ID varchar2(36) Activity identifier
SEQ_NUM number(38,0) Sequence number
REFD_ACTVY_ID varchar2(36) Referenced activity identifier
DATE_CREATED date Date the entry was created
DATE_MODIFIED date Date the entry was modified
CREATED_BY number(38,0) User who created object
MODIFIED_BY number(38,0) User who last modified object

ACTVY_RPT_V

This view contains information about iTRAC activities.

Column Name Datatype Comment
ACTVY_ID varchar2(36) Activity identifier
ACTVY_NAME varchar2(255) Activity name
ACTVY_TYP_CD varchar2(1) Activity type code
ACCESS_LVL varchar2(50) Access level
EXEC_LOC varchar2(50) Execution location
ACTVY_DESC varchar2(255) Activity description
PROCESSOR varchar2(255) Processor
INPUT_FORMATTER varchar2(255) Input formatter
OUTPUT_FORMATTER varchar2 (255) Output formatter
APP_NAME varchar2 (25) Application name
DATE_CREATED date Date the entry was created
DATE_MODIFIED date Date the entry was modified
CREATED_BY number (38,0) User who created object
MODIFIED_BY number (38,0) User who last modified object

ADV_NXS_FEED_V

This view contains information about the Advisor feed files that are processed on a regular schedule.

Column Name Datatype Comment
FILE_NAME varchar (256) The filename of the Advisor feed file.
HASH_VALUE varchar (256) The hash value of the Advisor feed file.
RECORDS_INSERTED number (18,0) The number of records inserted into the database.
RECORDS_UPDATED number (18,0) The number of records updated into the database.
PROCESSING_START_TIME date Time stamp indicating when the processing of the feed files started.
PROCESSING_END_TIME date Time stamp indicating when the processing of the feed files ended.
GENERATION date The unique ID to which each feed file belongs.
DATE_CREATED date Time stamp indicating when the feed file information was entered in the Sentinel database.
DATE_MODIFIED date Time stamp indicating when the feed file information was modified in the Sentinel database.
CREATED_BY number ID of the user who entered the feed file information in the Sentinel database.
MODIFIED_BY number ID of the user who modified the feed file information in the Sentinel database.

ADV_NXS_PRODUCTS_V

This view contains information about all the products that are supported by Novell® for Advisor, which include the Intrusion Detection System (IDS), Vulnerability Scanners, and Knowledge Base (OSVDB, CVE, and Bugtraq).

Column Name Datatype Comment
PRODUCT_ID number The unique ID of the product.
PRODUCT_NAME varchar2 (256 char) Name of the product. For example, Cisco* Secure IDS, Enterasys* Dragon* Network Sensor, or McAfee* IntruShield*.
INTERNAL_NAME varchar2 (256 char) Short name of the product that is used in generating the exploitdetection.csv file. This name is used by Collectors for exploit detection. For example, if the product name is Cisco Secure IDS, the internal name is Secure.
IS_ATTACK number (1,0) This value is 1 if the product is IDS. Otherwise, this value is 0.
IS_VULN number (1,0) This value is 1 if the product is Vulnerability Scanner. Otherwise, this value is 0.
IS_KB number (1,0) This value is 1 if the product is Knowledge Base. Otherwise, this value is 0.
IS_ACTIVE number (1,0) This value is 1 if the product is selected for exploit detection in the Advisor window of Sentinel Control Center. If the value is 0, attacks from this product are not populated in the exploitdetection.csv file.
IS_POPULATE_ATTACK_NAME number (1, 0) This value is 1 by default. If the value is 0, the attack name is not populated in the exploitDetection.csv file.
IS_POPULATE_ATTACK_CODE number (1, 0) This value is 1 by default. If the value is 0, the attack code is not populated in the exploitDetection.csv file.
DATE_CREATED date Time stamp indicating when the product information was entered in the Sentinel database.
DATE_MODIFIED date Time stamp indicating when the product information was modified in the Sentinel database.
CREATED_BY number ID of the user who entered the product information in the Sentinel database.
MODIFIED_BY number ID of the user who modified the product information in the Sentinel database.

ADV_NXS_SIGNATURES_V

This view contains the information about the list of signatures for each product that is supported by Novell for Advisor.

Column Name Datatype Comment
PRODUCT_ID number The unique ID of the product.
SIGNATURE_ID number The unique ID of the signature.
SIGNATURE_NAME varchar2 (256 char) Name of the signature.
PUBLISHED date Time stamp indicating when the signature was published for the product by the vendor.
INSERTED date Time stamp indicating when the signature information was entered in the vendor database.
UPDATED date Time stamp indicating when the signature information was updated in the vendor database.
DATE_CREATED date Time stamp indicating when the signature information was entered in the Sentinel database.
DATE_MODIFIED date Time stamp indicating when the signature information was modified in the Sentinel database.
CREATED_BY number ID of the user who entered the signature information in the Sentinel database.
MODIFIED_BY number ID of the user who modified the signature information in the Sentinel database.

ADV_NXS_MAPPINGS_V

This view contains the mapping information for the products supported by Novell for Advisor. It provides information about the type of mapping between each product including the IDS product signatures, Vulnerability product signatures, and Knowledge Base product signatures.

Column Name Datatype Comment
SOURCE_PRODUCT_ID number The unique ID of the source product.
SOURCE_SIGNATURE_ID number The unique ID of the source signature.
TARGET_PRODUCT_ID number The unique ID of the target product.
TARGET_SIGNATURE_ID number The unique ID of the target signature.
MAPPING_DIRECT number (1, 0) This value is 1 if the mapping is direct.
MAPPING_INDIRECT number (1, 0) This value is 1 if the mapping is indirect.
MAPPING_NGRAM number (1, 0) This value is 1 if the mapping is n-gram.
INSERTED date Time stamp indicating when the mapping information was entered in the vendor database.
UPDATED date Time stamp indicating when the mapping was updated in the vendor database.
IS_DELETED number (1, 0) This value is 1 if the mapping is marked as invalid.
DELETED date Time stamp indicating when the mapping was marked as invalid.
DATE_CREATED date Time stamp indicating when the mapping information was entered in the Sentinel database.
DATE_MODIFIED date Time stamp indicating when the mapping information was modified in the Sentinel database.
CREATED_BY number ID of the user who entered the mapping information in the Sentinel database.
MODIFIED_BY number ID of the user who modified the mapping information in the Sentinel database.

ADV_OSVDB_DETAILS_V

This view contains information about the known vulnerabilities from the OSVDB for the products supported by Novell for Advisor. It also stores the classifications to which the vulnerability applies.

Column Name Datatype Comment
OSVDB_ID number The unique ID of the vulnerability in the OSVDB.
OSVDB_TITLE clob The normalized name of the vulnerability.
DESCRIPTION clob A brief description of the vulnerability.
URGENCY number Indicates the urgency of the vulnerability. The rating is 1- 10. The higher the number, the more urgent the vulnerability.
SEVERITY number Indicates the severity of the vulnerability. The rating is 1- 10. The higher the number, the more urgent the vulnerability.
ATTACK_TYPE_AUTH_MANAGE number (1, 0) This value is 1 if the attack type is authentication management. For example, brute force attack, default password, and cookie poisoning.
ATTACK_TYPE_CRYPT number (1, 0) This value is 1 if the attack type is cryptographic. For example, weak encryption (implementation or algorithm), no encryption (plaintext), and sniffing.
ATTACK_TYPE_DOS number (1, 0) This value is 1 if the attack type is denial of service. For example, saturation flood, crash, lock up, and forced reboot.
ATTACK_TYPE_HIJACK number (1, 0) This value is 1 if the attack type is hijack. For example, man-in-the-middle attacks, IP spoofing, session timeout or take-over, and session replay.
ATTACK_TYPE_INFO_DISCLOSE number (1, 0) This value is 1 if the attack type is information disclosure. For example, comments, passwords, fingerprinting, and system information.
ATTACK_TYPE_INFRASTRUCT number (1, 0) This value is 1 if the attack type is infrastructure. For example, DNS poisoning and route manipulation.
ATTACK_TYPE_INPUT_MANIP number (1, 0) This value is 1 if the attack type is input manipulation. For example, XSS, SQL injection, file retrieval, directory traversal, overflows, and URL encoding.
ATTACK_TYPE_MISS_CONFIG number (1, 0) This value is 1 if the attack type is misconfiguration. For example, default files, debugging enabled, and directory indexing.
ATTACK_TYPE_RACE number (1, 0) This value is 1 if the attack type is race condition. For example, symlink.
ATTACK_TYPE_OTHER number (1, 0) This value is 1 if the attack type does not fall under any of the above attack types.
ATTACK_TYPE_UNKNOWN number (1, 0) This value is 1 if the attack type is unknown.
IMPACT_CONFIDENTIAL number (1, 0) This value is 1 if the impact of the attack(s) is loss of confidential information. For example, passwords, server information, environment variables, confirmation of file existence, path disclosure, file content access, and SQL injection.
IMPACT_INTEGRITY number (1, 0) This value is 1 if the impact of the attack(s) is loss of integrity, which results in data modifications by unauthorized persons. For example, unauthorized file modification, deletion, or creation, remote file inclusion, and arbitrary command execution.
IMPACT_AVAILABLE number (1, 0) This value is 1 if the impact of the attack is loss of availability of a service or information.
IMPACT_UNKNOWN number (1, 0) This value is 1 if the impact of the attack is unknown.
EXPLOIT_AVAILABLE number (1, 0) This value is 1 if an exploit is available for the vulnerability.
EXPLOIT_UNAVAILABLE number (1, 0) This value is 1 if an exploit is not available for the vulnerability.
EXPLOIT_RUMORED number (1, 0) This value is 1 if an exploit is rumored to exist for the vulnerability.
EXPLOIT_UNKNOWN number (1, 0) This value is 1 if an exploit is unknown for the vulnerability.
VULN_VERIFIED number (1, 0) This value is 1 if the existence of the vulnerability has been verified.
VULN_MYTH_FAKE number (1, 0) This value is 1 if the vulnerability is a myth or a false alarm.
VULN_BEST_PRAC number (1, 0) This value is 1 if the vulnerability is a result of not following the best practices in the configuration or usage of the vulnerable system or software.
VULN_CONCERN number (1, 0) This value is 1 if the vulnerability requires additional concern for remediation.
VULN_WEB_CHECK number (1, 0) This value is 1 if the vulnerability is a common problem in Web servers or Web applications.
ATTACK_SCENARIO clob Description of how a vulnerability can be exploited.
SOLUTION_DESCRIPTION clob Description of the solution that is used to fix the vulnerability.
FULL_DESCRIPTION clob The complete description of the vulnerability.
LOCATION_PHYSICAL number (1, 0) This value is 1 if the vulnerability can be exploited with only physical system access<literal/>.
LOCATION_LOCAL number (1, 0) This value is 1 if the vulnerability can be exploited on a local system.
LOCATION_REMOTE number (1, 0) This value is 1 if the vulnerability can be exploited on a remote system.
LOCATION_DIALUP number (1, 0) This value is 1 if the vulnerability can be exploited using a dial-up connection.
LOCATION_UNKNOWN number (1, 0) This value is 1 if the vulnerability is exploited in an unknown location.
PUBLISHED date Time stamp indicating when the vulnerability was published in the OSVDB.
INSERTED date Time stamp indicating when the vulnerability was inserted in the vendor database.
UPDATED date Time stamp indicating when the vulnerability was updated in the vendor database.
DATE_CREATED date Time stamp indicating when the vulnerability information was entered in the Sentinel database.
DATE_MODIFIED date Time stamp indicating when the vulnerability information was modified in the Sentinel database.
CREATED_BY number The ID of the user who entered the vulnerability information in the Sentinel database.
MODIFIED_BY number The ID of the user who modified the vulnerability information in the Sentinel database.

ADV_NXS_KB_PATCH_V

This view contains information about the patches that are required to remove the vulnerabilities.

Column Name Datatype Comment
ID number The unique ID for the row.
OSVDB_ID number The ID of the vulnerability in the OSVDB.
TYPE_NAME varchar2 (128 char) The type of the patch used to remove the vulnerability.
TYPE_ID number The unique ID of the patch.
REF_VALUE clob The URL that has the patch information.
DATE_CREATED date Time stamp indicating when the patch information was entered in the Sentinel database.
DATE_MODIFIED date Time stamp indicating when the patch information was modified in the Sentinel database.
CREATED_BY number The ID of the user who entered the patch information in the Sentinel database.
MODIFIED_BY number The ID of the user who modified the patch information in the Sentinel database.

ADV_NXS_KB_PRODUCTSREF_V

This view contains the information about the products that are affected by the vulnerability.

Column Name Datatype Comment
ID number The unique ID for the row.
OSVDB_ID number The ID of the vulnerability in the OSVDB.
VENDOR_NAME varchar2 (128 char) Name of the vendor of the product that is affected by the vulnerability.
VERSION_NAME varchar2 (128 char) Version of the product that is affected by the vulnerability.
BASE_NAME varchar2 (128 char) Name of the product that is affected by the vulnerability.
TYPE_NAME varchar2 (128 char) Indicates whether the product is affected by the vulnerability or not.
DATE_CREATED date Time stamp indicating when the product information was entered in the Sentinel database.
DATE_MODIFIED date Time stamp indicating when the product information was modified in the Sentinel database.
CREATED_BY number The ID of the user who entered the product information in the Sentinel database.
MODIFIED_BY number The ID of the user who modified the product information in the Sentinel database.

ASSET_CATEGORY_RPT_V

This iew references ASSET_CTGRY table that stores information about asset categories

Column Name Datatype Comment
ASSET_CATEGORY_ID number(38) Asset category identifier
ASSET_CATEGORY_NAME varchar2(100) Asset category name
DATE_CREATED date Date the entry was created
DATE_MODIFIED date Date the entry was modified
CREATED_BY number(38) User who created object
MODIFIED_BY number(38) User who last modified object

ASSET_HOSTNAME_RPT_V

This view references ASSET_HOSTNAME table that stores information about alternate host names for assets.

Column Name Datatype Comment
ASSET_HOSTNAME_ID varchar2(36) Asset alternate hostname identifier
PHYSICAL_ASSET_ID varchar2(36) Physical asset identifier
HOST_NAME varchar2(255) Host name
CUST_ID number(38) Customer identifier
DATE_CREATED date Date the entry was created
DATE_MODIFIED date Date the entry was modified
CREATED_BY number(38) User who created object
MODIFIED_BY number(38) User who last modified object

ASSET_IP_RPT_V

This view references ASSET_IP table that stores information about alternate IP addresses for assets.

Column Name Datatype Comment
ASSET_IP_ID varchar2(36) Asset alternate IP identifier
PHYSICAL_ASSET_ID varchar2(36) Physical asset identifier
IP_ADDRESS number(38) Asset IP address
CUST_ID number(38) Customer identifier
DATE_CREATED date Date the entry was created
DATE_MODIFIED date Date the entry was modified
CREATED_BY number(38) User who created object
MODIFIED_BY number(38) User who last modified object

ASSET_LOCATION_RPT_V

This view references ASSET_LOC table that stores information about asset locations.

Column Name Datatype Comment
LOCATION_ID number(38) Location identifier
CUST_ID number(38) Customer identifier
BUILDING_NAME varchar2(255) Building name
ADDRESS_LINE_1 varchar2(255) Address line 1
ADDRESS_LINE_2 varchar2(255) Address line 2
CITY varchar2(100) City
STATE varchar2(100) State
COUNTRY varchar2(100) Country
ZIP_CODE varchar2(50) Zip code
DATE_CREATED date Date the entry was created
DATE_MODIFIED date Date the entry was modified
CREATED_BY number(38) User who created object
MODIFIED_BY number(38) User who last modified object

ASSET_RPT_V

This view references ASSET table that stores information about the physical and soft assets.

Column Name Datatype Comment
ASSET_ID varchar2(36) Asset identifier
CUST_ID number(38) Customer identifier
ASSET_NAME varchar2(255) Asset name
PHYSICAL_ASSET_ID varchar2(36) Physical asset identifier
PRODUCT_ID number(38) Product identifier
ASSET_CATEGORY_ID number(38) Asset category identifier
ENVIRONMENT_IDENTITY_ID number(38) Environment identify code
PHYSICAL_ASSET_IND number(1) Physical asset indicator
ASSET_VALUE_ID number(38) Asset value code
CRITICALITY_ID number(38) Asset criticality code
SENSITIVITY_ID number(38) Asset sensitivity code
DATE_CREATED date Date the entry was created
DATE_MODIFIED date Date the entry was modified
CREATED_BY number(38) User who created object
MODIFIED_BY number(38) User who last modified object

ASSET_VALUE_RPT_V

This view references ASSET_VAL_LKUP table that stores information about the asset value.

Column Name Datatype Comment
ASSET_VALUE_ID number(38) Asset value code
ASSET_VALUE_NAME varchar2(50) Asset value name
DATE_CREATED date Date the entry was created
DATE_MODIFIED date Date the entry was modified
CREATED_BY number(38) User who created object
MODIFIED_BY number(38) User who last modified object

ASSET_X_ENTITY_X_ROLE_RPT_V

This view references ASSET_X_ENTITY_X_ROLE table that associates a person or an organization to an asset.

Column Name Datatype Comment
PERSON_ID varchar2(36) Person identifier
ORGANIZATION_ID varchar2(36) Organization identifier
ROLE_CODE varchar2(5) Role code
ASSET_ID varchar2(36) Asset identifier
ENTITY_TYPE_CODE varchar2(5) Entity type code
PERSON_ROLE_SEQUENCE number(38) Order of persons under a particular role
DATE_CREATED date Date the entry was created
DATE_MODIFIED date Date the entry was modified
CREATED_BY number(38) User who created object
MODIFIED_BY number(38) User who last modified object

ASSOCIATIONS_RPT_V

This view references ASSOCIATIONS table that associates users to incidents, incidents to annotations and so on.

Column Name Datatype Comment
TABLE1 varchar2(64) Table name 1. For example, incidents
ID1 varchar2(36) ID1. For example, incident ID.
TABLE2 varchar2(64) Table name 2. For example, users.
ID2 varchar2(36) ID2. For example, user ID.
DATE_CREATED date Date the entry was created
DATE_MODIFIED date Date the entry was modified
CREATED_BY number User who created object
MODIFIED_BY number User who last modified object

ATTACHMENTS_RPT_V

This view references ATTACHMENTS table that stores attachment data.

Column Name Datatype Comment
ATTACHMENT_ID number Attachment identifier
NAME varchar2(255) Attachment name
SOURCE_REFERENCE varchar2(64) Source reference
TYPE varchar2(32) Attachment type
SUB_TYPE varchar2(32) Attachment subtype
FILE_EXTENSION varchar2(32) File extension
ATTACHMENT_DESCRIPTION varchar2(255) Attachment description
DATA clob Attachment data
DATE_CREATED date Date the entry was created
DATE_MODIFIED date Date the entry was modified
CREATED_BY number User who created object
MODIFIED_BY number User who last modified object

AUDIT_RECORD_RPT_V

This view references AUDIT_RECORD table that stores Sentinel internal audit data.

Column Name Datatype Comment
AUDIT_ID varchar2(36) Audit record identifier
AUDIT_TYPE varchar2(255) Audit type
SRC varchar2(255) Audit source
SENDER_HOSTNAME varchar2(255) Sender hostname
SENDER_HOST_IP varchar2(255) Sender host IP
SENDER_CONTAINER varchar2(255) Sender container name
SENDER_ID varchar2(255) Sender Identifier
CLIENT varchar2(255) Client application that requested audit
EVT_NAME varchar2(255) Event name
RES varchar2(255) Event resource
SRES varchar2(255) Event sub-resource
MSG varchar2(500) Event message
CREATED_BY number(0) User who created object
MODIFIED_BY number(0) User who last modified object
DATE_CREATED date Date the entry was created
DATE_MODIFIED date Date the entry was modified

CONFIGS_RPT_V

This view references CONFIGS table that stores general configuration information of the application.

Column Name Datatype Comment
USR_ID varchar2(32) User name.
APPLICATION varchar2(255) Application identifier
UNIT varchar2(64) Application unit
VALUE varchar2(255) Text value if any
DATA clob XML data
DATE_CREATED date Date the entry was created
DATE_MODIFIED date Date the entry was modified
CREATED_BY number User who created object
MODIFIED_BY number User who last modified object

CONTACTS_RPT_V

This view references CONTACTS table that stores contact information.

Column Name Datatype Comment
CNT_ID number Contact ID - Sequence number
FIRST_NAME varchar2(20) Contact first name.
LAST_NAME varchar2(30) Contact last name.
TITLE varchar2(128) Contact title
DEPARTMENT varchar2(128) Department
PHONE varchar2(64) Contact phone
EMAIL varchar2(255) Contact e-mail
PAGER varchar2(64) Contact pager
CELL varchar2(64) Contact cell phone
DATE_CREATED date Date the entry was created
DATE_MODIFIED date Date the entry was modified
CREATED_BY number User who created object
MODIFIED_BY number User who last modified object

CORRELATED_EVENTS_RPT_V (legacy view)

This view is provided for backward compatibility. New reports should use CORRELATED_EVENTS_RPT_V1.

CORRELATED_EVENTS_RPT_V1

This vew contains current and historical correlated events (correlated events imported from archives).

Column Name Datatype Comment
PARENT_EVT_ID varchar2(36) Event Universal Unique Identifier (UUID) of parent event
CHILD_EVT_ID varchar2(36) Event Universal Unique Identifier (UUID) of child event
PARENT_EVT_TIME date Parent event time
CHILD_EVT_TIME date Child event time
DATE_CREATED date Date the entry was created
DATE_MODIFIED date Date the entry was modified
CREATED_BY number(38) User who created object
MODIFIED_BY number(38) User who last modified object

CRITICALITY_RPT_V

This view references CRIT_LKUP table that contains information about asset criticality.

Column Name Datatype Comment
CRITICALITY_ID number(38) Asset criticality code
CRITICALITY_NAME varchar2(50) Asset criticality name
DATE_CREATED date Date the entry was created
DATE_MODIFIED date Date the entry was modified
CREATED_BY number(38) User who created object
MODIFIED_BY number(38) User who last modified object

CUST_HIERARCHY_V

This view references CUST_HIERARCHY table that stores information about MSSP customer hierarchy.

Column Name Datatype Comment
CUST_HIERARCHY_ID number(38) Customer hierarchy ID
CUST_NAME varchar2(255) Customer
CUST_HIERARCHY_LVL1 varchar2(255) Customer hierarchy level 1
CUST_HIERARCHY_LVL2 varchar2(255) Customer hierarchy level 2
CUST_HIERARCHY_LVL3 varchar2(255) Customer hierarchy level 3
CUST_HIERARCHY_LVL4 varchar2(255) Customer hierarchy level 4
DATE_CREATED date Date the entry was created
DATE_MODIFIED date Date the entry was modified
CREATED_BY number User who created object
MODIFIED_BY number User who last modified object

CUST_RPT_V

This view references CUST table that stores customer information for MSSPs.

Column Name Datatype Comment
CUST_ID number(38) Customer identifier
CUSTOMER_NAME varchar2(255) Customer name
DATE_CREATED date Date the entry was created
DATE_MODIFIED date Date the entry was modified
CREATED_BY number(38) User who created object
MODIFIED_BY number(38) User who last modified object

ENTITY_TYPE_RPT_V

This view references ENTITY_TYP table that stores information about entity types (person, organization).

Column Name Datatype Comment
ENTITY_TYPE_CODE varchar2(5) Entity type code
ENTITY_TYPE_NAME varchar2(50) Entity type name
DATE_CREATED date Date the entry was created
DATE_MODIFIED date Date the entry was modified
CREATED_BY number(38) User who created object
MODIFIED_BY number(38) User who last modified object

ENV_IDENTITY_RPT_V

This view references ENV_IDENTITY_LKUP table that stores information about asset environment identity.

Column Name Datatype Comment
ENVIRONMENT_IDENTITY_ID number(38) Environment identity code
ENV_IDENTITY_NAME varchar2(255) Environment identity name
DATE_CREATED Date Date the entry was created
DATE_MODIFIED Date Date the entry was modified
CREATED_BY number(38) User who created object
MODIFIED_BY number(38) User who last modified object

ESEC_CONTENT_GRP_CONTENT_RPT_V

This view contains information about Solution Packs.

Column Name Datatype Comment
CONTENT_GRP_ID varchar2(36) Content group identifier
CONTENT_ID varchar2(255) Content identifier
CONTENT_TYP varchar2(100) Content type
CONTENT_HASH varchar2(255) Content hash
DATE_CREATED Date Date the entry was created
DATE_MODIFIED Date Date the entry was modified
CREATED_BY number(38,0) User who created object
MODIFIED_BY number(38,0) User who last modified object

ESEC_CONTENT_GRP_RPT_V

This view contains information about Solution Packs.

Column Name Datatype Comment
CONTENT_GRP_ID varchar2(36) Content group identifier
CONTENT_GRP_NAME varchar2(255) Content group name
CONTENT_GRP_DESC Clob Content group description
CTRL_ID varchar2(36) Control identifier
CONTENT_EXTERNAL_ID varchar2(255) Content external identifier
DATE_CREATED Date Date the entry was created
DATE_MODIFIED Date Date the entry was modified
CREATED_BY number(38,0) User who created object
MODIFIED_BY number(38,0) User who last modified object

ESEC_CONTENT_PACK_RPT_V

This view contains information about Solution Packs.

Column Name Datatype Comment
CONTENT_PACK_ID varchar2(36) Content pack identifier
CONTENT_PACK_DESC Clob Content pack description
CONTENT_PACK_NAME varchar2(255) Content pack name
CONTENT_EXTERNAL_ID varchar2(255) Content external identifier
DATE_MODIFIED Date Date the entry was modified
DATE_CREATED Date Date the entry was created
CREATED_BY number(38,0) User who created object
MODIFIED_BY number(38,0) User who last modified object

ESEC_CONTENT_RPT_V

This view contains information about Solution Packs.

Column Name Datatype Comment
CONTENT_PACK_ID varchar2(36) Content pack identifier
CONTENT_ID varchar2(255) Content identifier
CONTENT_NAME varchar2(255) Content name
CONTENT_STATE number(38,0) Content state
CONTENT_TYP varchar2(100) Content type
CONTENT_DESC Clob Content description
CONTENT_CONTEXT Clob Content context
CONTENT_HASH varchar2(255) Content hash
DATE_CREATED Date Date the entry was created
DATE_MODIFIED Date Date the entry was modified
MODIFIED_BY number(38,0) User who last modified object
CREATED_BY number(38,0) User who created object

ESEC_CTRL_CTGRY_RPT_V

This view contains information about Solution Packs.

Column Name Datatype Comment
CTRL_CTGRY_ID varchar2(36) Control category identifier
CTRL_CTGRY_DESC Clob Control category description
CTRL_CTGRY_NAME varchar2(255) Control category name
CONTENT_PACK_ID varchar2(36) Content pack identifier
CONTENT_EXTERNAL_ID varchar2(255) Content external identifier
DATE_CREATED Date Date the entry was created
DATE_MODIFIED Date Date the entry was modified
CREATED_BY number(38,0) User who created object
MODIFIED_BY number(38,0) User who last modified object

ESEC_CTRL_RPT_V

This view contains information about Solution Packs.

Column Name Datatype Comment
CTRL_ID varchar2(36) Control identifier
CTRL_NAME varchar2(255) Control name
CTRL_DESC clob Control description
CTRL_STATE number(38,0) Control state
CTRL_NOTES clob Control notes
CTRL_CTGRY_ID varchar2(36) Control category identifier
CONTENT_EXTERNAL_ID varchar2(255) Content external identifier
DATE_CREATED date Date the entry was created
DATE_MODIFIED date Date the entry was modified
CREATED_BY number(38,0) User who created object
MODIFIED_BY number(38,0) User who last modified object

ESEC_DISPLAY_RPT_V

This view references ESEC_DISPLAY table that stores displayable properties of objects. Currently used in renaming meta-tags. Used with Event Configuration (Business Relevance).

Column Name Datatype Comment
DISPLAY_OBJECT varchar2(32) The parent object of the property
TAG varchar2(32) The native tag name of the property
LABEL varchar2(32) The display string of tag.
POSITION number Position of tag within display.
WIDTH number The column width
ALIGNMENT number The horizontal alignment
FORMAT number The enumerated formatter for displaying the property
ENABLED varchar2(1) Indicates if the tag is shown.
TYPE number Indicates datatype of tag.
1 = string
2 = ulong
3 = date
4 = uuid
5 = ipv4
DESCRIPTION varchar2(255) Textual description of the tag
DATE_CREATED date Date the entry was created
DATE_MODIFIED date Date the entry was modified
CREATED_BY number User who created object
MODIFIED_BY number User who last modified object
REF_CONFIG varchar2(4000) Referential data configuration

ESEC_PORT_REFERENCE_RPT_V

This view references ESEC_PORT_REFERENCE table that stores industry standard assigned port numbers.

Column Name Datatype Comment
PORT_NUMBER number Per http://www.iana.org/assignments/port-numbers, the numerical representation of the port. This port number is typically associated with the Transport Protocol level in the TCP/IP stack.
PROTOCOL_NUMBER number Per http://www.iana.org/assignments/protocol-numbers, the numerical identifiers used to represent protocols that are encapsulated in an IP packet.
PORT_KEYWORD varchar2(64) Per http://www.iana.org/assignments/port-numbers, the keyword representation of the port.
PORT_DESCRIPTION varchar2(512) Port description.
DATE_CREATED date Date the entry was created
DATE_MODIFIED date Date the entry was modified
CREATED_BY number User who created object
MODIFIED_BY number User who last modified object

ESEC_PROTOCOL_REFERENCE_RPT_V

This view references ESEC_PROTOCOL_REFERENCE table that stores industry standard assigned protocol numbers.

Column Name Datatype Comment
PROTOCOL_NUMBER number Per http://www.iana.org/assignments/protocol-numbers, the numerical identifiers used to represent protocols that are encapsulated in an IP packet.
PROTOCOL_KEYWORD varchar2(64) Per http://www.iana.org/assignments/protocol-numbers, the keyword used to represent protocols that are encapsulated in an IP packet.
PROTOCOL_DESCRIPTION varchar2(512) IP packet protocol description.
DATE_CREATED date Date the entry was created
DATE_MODIFIED date Date the entry was modified
CREATED_BY number User who created object
MODIFIED_BY number User who last modified object

ESEC_SEQUENCE_RPT_V

This view references ESEC_SEQUENCE table that’s used to generate primary key sequence numbers for Sentinel tables.

Column Name Datatype Comment
TABLE_NAME varchar2(32) Name of the table.
COLUMN_NAME varchar2(255) Name of the column
SEED number Current value of primary key field.
DATE_CREATED date Date the entry was created
DATE_MODIFIED date Date the entry was modified
CREATED_BY number User who created object
MODIFIED_BY number User who last modified object

ESEC_UUID_UUID_ASSOC_RPT_V

This view contains information about object relationships. Used internally by Sentinel and not for reporting purposes.

Column Name Datatype Comment
OBJECT1 varchar2(64) Object 1
ID1 varchar2(36) UUID for object 1
OBJECT2 varchar2(64) Object 2
ID2 varchar2(36) UUID for object 2
DATE_CREATED date Date the entry was created
DATE_MODIFIED date Date the entry was modified
CREATED_BY number(38,0) User who created object
MODIFIED_BY number(38,0) User who last modified object

EVENTS_ALL_RPT_V (legacy view)

This view is provided for backward compatibility. View contains current and historical events (events imported from archives).

EVENTS_ALL_RPT_V1 (legacy view)

This view is provided for backward compatibility. New reports should use EVENTS_RPT_V2. View contains current events.

EVENTS_RPT_V (legacy view)

This view is provided for backward compatibility. New reports should use EVENTS_RPT_V2. View contains current and historical events.

EVENTS_RPT_V1 (legacy view)

This view is provided for backward compatibility. New reports should use EVENT_ALL_RPT_V. View contains current events.

EVENTS_RPT_V2

This is the primary reporting view for Sentinel 6.0. This view contains current event and historical events. It is included for legacy reports but has been replaced in Sentinel 6.1 with EVENTS_RPT_V3.

Column Name Datatype Comment
EVENT_ID varchar2(36) Event identifier
RESOURCE_NAME varchar2(255) Resource name
SUB_RESOURCE varchar2(255) Subresource name
SEVERITY integer Event severity
EVENT_PARSE_TIME date Event time
EVENT_DATETIME date Event time
EVENT_DEVICE_TIME date Event device time
SENTINEL_PROCESS_TIME date Sentinel process time
BEGIN_TIME date Events begin time
END_TIME date Events end time
REPEAT_COUNT integer Events repeat count
DESTINATION_PORT_INT integer Destination port (integer)
SOURCE_PORT_INT integer Source port (integer)
BASE_MESSAGE varchar2(4000) Base message
EVENT_NAME varchar2(255) Name of the event as reported by the sensor
EVENT_TIME varchar2(255) Event time as reported by the sensor
CUST_ID integer Customer identifier
SOURCE_ASSET_ID integer Source asset identifier
DESTINATION_ASSET_ID integer Destination asset identifier
AGENT_ID integer Collector identifier
PROTOCOL_ID integer Protocol identifier
ARCHIVE_ID integer Archive identifier
SOURCE_IP integer Source IP address in numeric format
SOURCE_IP_DOTTED varchar2(16) Source IP in dotted format
SOURCE_HOST_NAME varchar2(255) Source host name
SOURCE_PORT varchar2(32) Source port
DESTINATION_IP integer Destination IP address in numeric format
DESTINATION_IP_DOTTED varchar2(16) Destination in dotted format
DESTINATION_HOST_NAME varchar2(255) Destination host name
DESTINATION_PORT varchar2(32) Destination port
SOURCE_USER_NAME varchar2(255) Source user name
DESTINATION_USER_NAME varchar2(255) Destination user name
FILE_NAME varchar2(1000) File name
EXTENDED_INFO varchar2(1000) Extended information
CUSTOM_TAG_1 varchar2(255) Customer Tag 1
CUSTOM_TAG 2 varchar2(255) Customer Tag 2
CUSTOM_TAG 3 integer Customer Tag 3
RESERVED_TAG_1 varchar2(255) Reserved Tag 1
Reserved for future use by Novell. This field is used for Advisor information concerning attack descriptions.
RESERVED_TAG_2 varchar2(255) Reserved for future use by Novell. Use of this field for any other purpose might result in data being overwritten by future functionality.
RESERVED_TAG_3 integer Reserved for future use by Novell. Use of this field for any other purpose might result in data being overwritten by future functionality.
VULNERABILITY_RATING integer Vulnerability rating
CRITICALITY_RATING integer Criticality rating
DATE_CREATED date Date the entry was created
DATE_MODIFIED date Date the entry was modified
CREATED_BY integer User who created object
MODIFIED_BY integer User who last modified object
RV01 - 10 integer Reserved Value 1 - 10
Reserved for future use by Novell. Use of this field for any other purpose might result in data being overwritten by future functionality.
RV11 - 20 date Reserved Value 1 - 31
Reserved for future use by Novell. Use of this field for any other purpose might result in data being overwritten by future functionality.
RV21 - 25 varchar2(36) Reserved Value 21 - 25
Reserved for future use by Novell to store UUIDs. Use of this field for any other purpose might result in data being overwritten by future functionality.
RV26 - 31 varchar2(255) Reserved Value 26 - 31
Reserved for future use by Novell. Use of this field for any other purpose might result in data being overwritten by future functionality.
RV33 varchar2(255) Reserved Value 33
Reserved for EventContex
Use of this field for any other purpose might result in data being overwritten by future functionality.
RV34 varchar2(255) Reserved Value 34
Reserved for SourceThreatLevel
Use of this field for any other purpose might result in data being overwritten by future functionality.
RV35 varchar2(255) Reserved Value 35
Reserved for SourceUserContext.
Use of this field for any other purpose might result in data being overwritten by future functionality.
RV36 varchar2(255) Reserved Value 36
Reserved for DataContext.
Use of this field for any other purpose might result in data being overwritten by future functionality.
RV37 varchar2(255) Reserved Value 37
Reserved for SourceFunction.
Use of this field for any other purpose might result in data being overwritten by future functionality.
RV38 varchar2(255) Reserved Value 38
Reserved for SourceOperationalContext.
Use of this field for any other purpose might result in data being overwritten by future functionality.
RV40 - 43 varchar2(255) Reserved Value 40 - 43
Reserved for future use by Novell. Use of this field for any other purpose might result in data being overwritten by future functionality.
RV44 varchar2(255) Reserved Value 44
Reserved for DestinationThreatLevel.
Use of this field for any other purpose might result in data being overwritten by future functionality.
RV45 varchar2(255) Reserved Value 45
Reserved for DestinationUserContext.
Use of this field for any other purpose might result in data being overwritten by future functionality.
RV46 varchar2(255) Reserved Value 46
Reserved for VirusStatus.
Use of this field for any other purpose might result in data being overwritten by future functionality.
RV47 varchar2(255) Reserved Value 47
Reserved for future use by Novell. Use of this field for any other purpose might result in
data being overwritten by future functionality.
RV48 varchar2(255) Reserved Value 48
Reserved for DestinationOperationalContext.
Use of this field for any other purpose might result in data being overwritten by future functionality.
RV49 varchar2(255) Reserved Value 49
Reserved for future use by Novell. Use of this field for any other purpose might result in data being overwritten by future functionality.
TAXONOMY_ID integer
REFERENCE_ID_01 - 20 integer Reserved for future use by Novell. Use of this field for any other purpose might result in data being overwritten by future functionality.
CV01 - 10 integer Custom Value 1 - 10
Reserved for use by Customer, typically for association of Business relevant data
CV11 - 20 date Custom Value 11 - 20
Reserved for use by Customer, typically for association of Business relevant data
CV21 - 29 varchar2(255) Custom Value 21 – 100
Reserved for use by Customer, typically for association of Business relevant data
CV30 - 34 varchar2(4000)
CV35 – 100 varchar2(255)

EVENTS_RPT_V3

This is the primary reporting view for Sentinel 6.1. This view contains current event and historical events. It is included for legacy reports.

Column Name Datatype Comment
EVENT_ID varchar2(36) Event identifier
RESOURCE_NAME varchar2(255)
SUB_RESOURCE varchar2(255) Subresource name
SEVERITY number(38,0) Event severity
EVENT_PARSE_TIME date Event time
EVENT_DATETIME date
EVENT_DEVICE_TIME date Event device time
SENTINEL_PROCESS_TIME date Sentinel process time
BEGIN_TIME date Events begin time
END_TIME date Events end time
REPEAT_COUNT number(38,0)
TARGET_SERVICE_PORT number(38,0) Target service port
INIT_SERVICE_PORT number(38,0)
BASE_MESSAGE varchar2(4000)
EVENT_NAME varchar2(255)
EVENT_TIME varchar2(255) Event time
CUST_ID number(38,0)
INIT_ASSET_ID number(38,0) Initiator asset identifier
TARGET_ASSET_ID number(38,0) Target asset identifier
AGENT_ID number(38,0)
PROTOCOL_ID number(38,0)
ARCHIVE_ID number(38,0)
INIT_IP number(38,0)
INIT_IP_DOTTED varchar2(4000)
INIT_HOST_NAME varchar2(255)
INIT_SERVICE_PORT_NAME varchar2(32)
TARGET_IP number(38,0)
TARGET_IP_DOTTED varchar2(4000)
TARGET_HOST_NAME varchar2(255)
TARGET_SERVICE_PORT_NAME varchar2(32)
INIT_USER_NAME varchar2(255) The initiating user's account name (SourceUsername).
TARGET_USER_NAME varchar2(255)
FILE_NAME varchar2(1000)
EXTENDED_INFO varchar2(1000)
CUSTOM_TAG_1 varchar2(255) Customer Tag 1
CUSTOM_TAG_2 varchar2(255) Customer Tag 2
CUSTOM_TAG_3 number(38,0) Customer Tag 3
RESERVED_TAG_1 varchar2(255)
RESERVED_TAG_2 varchar2(255)
RESERVED_TAG_3 number(38,0)
VULNERABILITY_RATING number(38,0)
CRITICALITY_RATING number(38,0)
DATE_CREATED date Date the entry was created
DATE_MODIFIED date Date the entry was modified
CREATED_BY number(38,0) User who created object
MODIFIED_BY number(38,0) User who last modified object
RV01 number(38,0)
EVENT_METRIC number(38,0) Event metric
DATA_TAG_ID number(38,0) Data tag ID
RV04-RV10 number(38,0)
RV11-RV20 date
RV21- RV28 varchar2(255)
INIT_IP_COUNTRY varchar2(255)
TARGET_IP_COUNTRY varchar2(255)
RV31 varchar2(255)
RV33 varchar2(255)
INIT_THREAT_LEVEL varchar2(255) Initiator threat level
INIT_USER_DOMAIN varchar2(255) The domain (namespace) in which the initiating account exists.
RV36 varchar2(255)
INIT_FUNCTION varchar2(255) Initiator function
INIT_OPERATIONAL_CONTEXT varchar2(255) Initiator operational context
RV40 varchar2(255)
TARGET_HOST_DOMAIN varchar2(255) Target host domain
INIT_HOST_DOMAIN varchar2(255)
RV43 varchar2(255)
TARGET_THREAT_LEVEL varchar2(255) Target threat level
TARGET_USER_DOMAIN varchar2(255) Target user domain
RV46 varchar2(255)
TARGET_FUNCTION varchar2(255) Target function
TARGET_OPERATIONAL_CONEXT varchar2(255) Target operational context
RV49 varchar2(255)
TAXONOMY_ID number(38,0) Taxonomy identifier
REFERENCE_ID_01-REFERENCE_ID_20 number(38,0)
CV01-CV10 number(38,0)
CV11-CV20 date
CV21- CV29 varchar2(255)
CV30- CV34 varchar2(4000)
CV35- CV100 varchar2(255)
INIT_USER_ID varchar2(255) The initiating account's source-specific identifier as determined by the Collector based on raw device data.
INIT_USER_IDENTITY varchar2(36) The internal UUID of the identity associated with the initiating account.
TARGET_USER_ID varchar2(255) Target user ID
TARGET_USER_IDENTITY varchar2(36) Target user identity
EFFECTIVE_USER_NAME varchar2(255) Effective user name
EFFECTIVE_USER_ID varchar2(255) Effective user ID
EFFECTIVE_USER_DOMAIN varchar2(255) Effective user domain
TARGET_TRUST_NAME varchar2(255) Target trust name
TARGET_TRUST_ID varchar2(255) Target trust ID
TARGET_TRUST_DOMAIN varchar2(255) Target trust domain
OBSERVER_IP number(38,0) Observer IP address in numeric format
REPORTER_IP number(38,0) Reporter IP address in numeric format
OBSERVER_HOST_DOMAIN varchar2(255) Observer host domain
REPORTER_HOST_DOMAIN varchar2(255) Reporter host domain
OBSERVER_ASSET_ID varchar2(255) Observer asset identifier
REPORTER_ASSET_ID varchar2(255) Reporter asset identifier
INIT_SERVICE_COMP varchar2(255) Initiator service component
TARGET_SERVICE_COMP varchar2(255) Target service component
EVENT_GROUP_ID varchar2(255)
CUSTOMER_VAR_101-CUSTOMER_VAR_110 number(38,0)
CUSTOMER_VAR_111-CUSTOMER_VAR_120 date
CUSTOMER_VAR_121-CUSTOMER_VAR_130 varchar2(36)
CUSTOMER_VAR_131-CUSTOMER_VAR_140 number(38,0)
CUSTOMER_VAR_141-CUSTOMER_VAR_150 varchar2(255)

EVT_AGENT_RPT_V

View references EVT_AGENT table that stores information about Collectors.

Column Name Datatype Comment
AGENT_ID number(38) Collector identifier
CUST_ID number(38)
AGENT varchar2(64) Collector name
PORT varchar2(64) Collector port
REPORT_NAME varchar2(255) Reporter name
PRODUCT_NAME varchar2(255) Product name
SENSOR_NAME varchar2(255) Sensor name
SENSOR_TYPE varchar2(5) Sensor type:
H - host-based
N - network-based
V - virus
O – other
DEVICE_CATEGORY varchar2(255) Device category
SOURCE_UUID varchar2(36) Source component Universal Unique Identifier (UUID)
DATE_CREATED date Date the entry was created
DATE_MODIFIED date Date the entry was modified
CREATED_BY number(38) User who created object
MODIFIED_BY number(38) User who last modified object

EVT_AGENT_RPT_V3

View references EVT_AGENT table that stores information about Collectors. The column names in this view reflects the name change of Sensor to Observer. This view is designed for use in Sentinel 6.1.

Column Name Datatype Comment
AGENT_ID number(38,0) Collector identifier
CUST_ID number(38,0) Customer identifier
AGENT varchar2(64) Collector
PORT varchar2(64) Port
REPORTER_HOST_NAME varchar2(255) Reporter host name
PRODUCT_NAME varchar2(255)
OBSERVER_HOST_NAME varchar2(255)
SENSOR_TYPE varchar2(5) Sensor type:
H - host-based
N - network-based
V - virus
O - other
DEVICE_CATEGORY varchar2(255) Device category
SOURCE_UUID varchar2(36) Source component Universal Unique Identifier (UUID)
DATE_CREATED date Date the entry was created
DATE_MODIFIED date Date the entry was modified
CREATED_BY number(38,0) User who created object
MODIFIED_BY number(38,0) User who last modified object

EVT_ASSET_RPT_V

View references EVT_ASSET table that stores asset information.

Column Name Datatype Comment
EVENT_ASSET_ID number(38) Event asset identifier
CUST_ID number(38) Customer identifier
ASSET_NAME varchar2(255) Asset name
PHYSICAL_ASSET_NAME varchar2(255) Physical asset name
REFERENCE_ASSET_ID varchar2(100) Reference asset identifier, links to source asset management system.
MAC_ADDRESS varchar2(100) MAC address
RACK_NUMBER varchar2(50) Rack number
ROOM_NAME varchar2(100) Room name
BUILDING_NAME varchar2(255) Building name
CITY varchar2(100) City
STATE varchar2(100) State
COUNTRY varchar2(100) Country
ZIP_CODE varchar2(50) Zip code
ASSET_CATEGORY_NAME varchar2(100) Asset category name
NETWORK_IDENTITY_NAME varchar2(255) Asset network identity name
ENVIRONMENT_IDENTITY_NAME varchar2(255) Environment name
ASSET_VALUE_NAME varchar2(50) Asset value name
CRITICALITY_NAME varchar2(50) Asset criticality name
SENSITIVITY_NAME varchar2(50) Asset sensitivity name
CONTACT_NAME_1 varchar2(255) Name of contact person/organization 1
CONTACT_NAME_2 varchar2(255) Name of contact person/organization 2
ORGANIZATION_NAME_1 varchar2(100) Asset owner organization level 1
ORGANIZATION_NAME_2 varchar2(100) Asset owner organization level 2
ORGANIZATION_NAME_3 varchar2(100) Asset owner organization level 3
ORGANIZATION_NAME_4 varchar2(100) Asset owner organization level 4
DATE_CREATED date Date the entry was created
DATE_MODIFIED date Date the entry was modified
CREATED_BY number(38) User who created object
MODIFIED_BY number(38) User who last modified object

EVT_ASSET_RPT_V3

View references EVT_ASSET table that stores asset information. This view is designed for Sentinel 6.1.

Column Name Datatype Comment
ASSET_CRITICALITY varchar2(50)
ASSET_CLASS varchar2(100)
ASSET_FUNCTION varchar2(255)
ASSET_DEPARTMENT varchar2(100) Asset department
DATE_CREATED Date Date the entry was created
DATE_MODIFIED Date Date the entry was modified
CREATED_BY number(38,0) User who created object
MODIFIED_BY number(38,0) User who last modified object

EVT_DEST_EVT_NAME_SMRY_1_RPT_V

View summarizes event count by destination, taxonomy, event name, severity and event time.

Column Name Datatype Comment
DESTINATION_IP number(38) Destination IP address
DESTINATION_EVENT_ASSET_ID number(38) Event asset identifier
TAXONOMY_ID number(38) Taxonomy identifier
EVENT_NAME_ID number(38) Event name identifier
SEVERITY number(38) Event severity
CUST_ID number(38) Customer identifier
EVENT_TIME date Event time
EVENT_COUNT number(38) Event count
DATE_CREATED date Date the entry was created
DATE_MODIFIED date Date the entry was modified
CREATED_BY number(38) User who created object
MODIFIED_BY number(38) User who last modified object
DESTINATION_HOST_NAME varchar2(255)

EVT_DEST_SMRY_1_RPT_V

View contains event destination summary information.

Column Name Datatype Comment
DESTINATION_IP number(38) Destination IP address
DESTINATION_EVENT_ASSET_ID number(38) Event asset identifier
DESTINATION_PORT varchar2(32) Destination port
DESTINATION_USER_ID number(38) Destination user identifier
TAXONOMY_ID number(38) Taxonomy identifier
EVENT_NAME_ID number(38) Event name identifier
RESOURCE_ID number(38) Resource identifier
AGENT_ID number(38) Collector identifier
PROTOCOL_ID number(38) Protocol identifier
SEVERITY number(38) Event severity
CUST_ID number(38) Customer identifier
EVENT_TIME date Event time
EVENT_COUNT number(38) Event count
DATE_CREATED date Date the entry was created
DATE_MODIFIED date Date the entry was modified
CREATED_BY number(38) User who created object
MODIFIED_BY number(38) User who last modified object
DESTINATION_HOST_NAME varchar2(255)

EVT_DEST_TXNMY_SMRY_1_RPT_V

View summarizes event count by destination, taxonomy, severity and event time.

Column Name Datatype Comment
DESTINATION_IP number(38) Destination IP address
DESTINATION_EVENT_ASSET_ID number(38) Event asset identifier
TAXONOMY_ID number(38) Taxonomy identifier
SEVERITY number(38) Event severity
CUST_ID number(38) Customer identifier
EVENT_TIME date Event time
EVENT_COUNT number(38) Event count
DATE_CREATED date Date the entry was created
DATE_MODIFIED date Date the entry was modified
CREATED_BY number(38) User who created object
MODIFIED_BY number(38) User who last modified object
DESTINATION_HOST_NAME varchar2(255)

EVT_NAME_RPT_V

View references EVT_NAME table that stores event name information.

Column Name Datatype Comment
EVENT_NAME_ID number(38) Event name identifier
EVENT_NAME varchar2(255) Event name
DATE_CREATED date Date the entry was created
DATE_MODIFIED date Date the entry was modified
CREATED_BY number(38) User who created object
MODIFIED_BY number(38) User who last modified object

EVT_PORT_SMRY_1_RPT_V

View summarizes event count by destination port, severity and event time.

Column Name Datatype Comment
DESTINATION_PORT varchar2(32) Destination port
SEVERITY number(38) Event severity
CUST_ID number(38) Customer identifier
EVENT_TIME date Event time
EVENT_COUNT number(38) Event count
DATE_CREATED date Date the entry was created
DATE_MODIFIED date Date the entry was modified
CREATED_BY number(38) User who created object
MODIFIED_BY number(38) User who last modified object

EVT_PRTCL_RPT_V

View references EVT_PRTCL table that stores event protocol information.

Column Name Datatype Comment
PROTOCOL_ID number(38) Protocol identifier
PROTOCOL_NAME varchar2(255) Protocol name
DATE_CREATED date Date the entry was created
DATE_MODIFIED date Date the entry was modified
CREATED_BY number(38) User who created object
MODIFIED_BY number(38) User who last modified object

EVT_PRTCL_RPT_V3

View references EVT_PRTCL table that stores event protocol information.

Column Name Datatype Comment
PROTOCOL_ID number(38,0) Protocol identifier
PROTOCOL varchar2(255) Protocol name
DATE_CREATED date Date the entry was created
DATE_MODIFIED date Date the entry was modified
CREATED_BY number(38,0) User who created object
MODIFIED_BY number(38,0) User who last modified object

EVT_RSRC_RPT_V

View references EVT_RSRC table that stores event resource information.

Column Name Datatype Comment
RESOURCE_ID number(38) Resource identifier
CUST_ID number(38) Customer Identifier
RESOURCE_NAME varchar2(255) Resource name
SUB_RESOURCE_NAME varchar2(255) Subresource name
DATE_CREATED date Date the entry was created
DATE_MODIFIED date Date the entry was modified
CREATED_BY number(38) User who created object
MODIFIED_BY number(38) User who last modified object

EVT_SEV_SMRY_1_RPT_V

View summarizes event count by severity and event time.

Column Name Datatype Comment
SEVERITY number(38) Event severity
CUST_ID number(38) Customer identifier
EVENT_TIME date Event time
EVENT_COUNT number(38) Event count
DATE_CREATED date Date the entry was created
DATE_MODIFIED date Date the entry was modified
CREATED_BY number(38) User who created object
MODIFIED_BY number(38) User who last modified object

EVT_SRC_COLLECTOR_RPT_V

View contains information about the Event Source Management configuration.

Column Name Datatype Comment
EVT_SRC_COLLECTOR_ID varchar2(36) Event source collector identifier
SENTINEL_PLUGIN_ID varchar2(36) Sentinel plug-in identifier
EVT_SRC_MGR_ID varchar2(36) Event source manager identifier
EVT_SRC_COLLECTOR_NAME varchar2(255) Event source collector name
STATE_IND number(1,0) State indicator
EVT_SRC_COLLECTOR_PROPS clob Event source collector prop
MAP_FILTER clob Map filter
CREATED_BY number(38,0) User who created object
MODIFIED_BY number(38,0) User who last modified object
DATE_CREATED date Date the entry was created
DATE_MODIFIED date Date the entry was modified

EVT_SRC_GRP_RPT_V

View contains information about the Event Source Management configuration.

Column Name Datatype Comment
EVT_SRC_GRP_ID varchar2(36) Event source group identifier
EVT_SRC_COLLECTOR_ID varchar2(36) Event source collector identifier
SENTINEL_PLUGIN_ID varchar2(36) Sentinel plug-in identifier
EVT_SRC_SRVR_ID varchar2(36) Event source server identifier
EVT_SRC_GRP_NAME varchar2(255) Event source group name
STATE_IND number(1,0) State indicator
EVT_SRC_DEFAULT_CONFIG clob Event source default configuration
MAP_FILTER clob Map filter
CREATED_BY number(38,0) User who created object
MODIFIED_BY number(38,0) User who last modified object
DATE_CREATED date Date the entry was created
DATE_MODIFIED date Date the entry was modified

EVT_SRC_MGR_RPT_V

View contains information about the Event Source Management configuration.

Column Name Datatype Comment
EVT_SRC_MGR_ID varchar2(36) Event source manager identifier
SENTINEL_ID varchar2(36) Sentinel identifier
EVT_SRC_MGR_NAME varchar2(255) Event source manager name
SENTINEL_HOST_ID varchar2(36) Sentinel host identifier
STATE_IND number(1,0) State indicator
EVT_SRC_MGR_CONFIG clob Event source manager configuration
CREATED_BY number(38,0) User who created object
MODIFIED_BY number(38,0) User who last modified object
DATE_CREATED date Date the entry was created
DATE_MODIFIED date Date the entry was modified

EVT_SRC_OFFSET_RPT_V

View contains information about the Event Source Management configuration.

Column Name Datatype Comment
EVT_SRC_ID varchar2(36) Event source identifier
OFFSET_VAL clob Offset value
OFFSET_TIMESTAMP date Offset timestamp
CREATED_BY number(38,0) User who created object
MODIFIED_BY number(38,0) User who last modified object
DATE_CREATED date Date the entry was created
DATE_MODIFIED date Date the entry was modified

EVT_SRC_RPT_V

View contains information about the Event Source Management configuration.

Column Name Datatype Comment
EVT_SRC_ID varchar2(36) Event source identifier
EVT_SRC_NAME varchar2(255) Event source name
EVT_SRC_GRP_ID varchar2(36) Event source group identifier
STATE_IND number(1,0) State indicator
MAP_FILTER clob Map filter
EVT_SRC_CONFIG clob Event source configuration
CREATED_BY number(38,0) User who created object
MODIFIED_BY number(38,0) User who last modified object
DATE_CREATED date Date the entry was created
DATE_MODIFIED date Date the entry was modified

EVT_SRC_SMRY_1_RPT_V

View contains event source and destination summary information.

Column Name Datatype Comment
SOURCE_IP number(38) Source IP address
SOURCE_EVENT_ASSET_ID number(38) Source event asset identifier
SOURCE_PORT varchar2(32) Source port
SOURCE_USER_ID number(38) Source user identifier
TAXONOMY_ID number(38) Taxonomy identifier
EVENT_NAME_ID number(38) Event name identifier
RESOURCE_ID number(38) Resource identifier
AGENT_ID number(38) Collector identifier
PROTOCOL_ID number(38) Protocol identifier
SEVERITY number(38) Event severity
CUST_ID number(38) Customer identifier
EVENT_TIME date Event time
EVENT_COUNT number(38) Event count
DATE_CREATED date Date the entry was created
DATE_MODIFIED date Date the entry was modified
CREATED_BY number(38) User who created object
MODIFIED_BY number(38) User who last modified object
SOURCE_HOST_NAME varchar2(255)

EVT_SRC_SRVR_RPT_V

View contains information about the Event Source Management configuration.

Column Name Datatype Comment
EVT_SRC_SRVR_ID varchar2(36) Event source server identifier
EVT_SRC_SRVR_NAME varchar2(255) Event source server name
EVT_SRC_MGR_ID varchar2(36) Event source manager identifier
SENTINEL_PLUGIN_ID varchar2(36) Sentinel plug-in identifier
STATE_IND number(1,0) State indicator
EVT_SRC_SRVR_CONFIG clob Event source server configuration
CREATED_BY number(38,0) User who created object
MODIFIED_BY number(38,0) User who last modified object
DATE_CREATED date Date the entry was created
DATE_MODIFIED date Date the entry was modified

EVT_TXNMY_RPT_V

View references EVT_TXNMY table that stores event taxonomy information.

Column Name Datatype Comment
TAXONOMY_ID number(38) Taxonomy identifier
TAXONOMY_LEVEL_1 varchar2(100) Taxonomy level 1
TAXONOMY_LEVEL_2 varchar2(100) Taxonomy level 2
TAXONOMY_LEVEL_3 varchar2(100) Taxonomy level 3
TAXONOMY_LEVEL_4 varchar2(100) Taxonomy level 4
DEVICE_CATEGORY varchar2(255)
DATE_CREATED date Date the entry was created
DATE_MODIFIED date Date the entry was modified
CREATED_BY number(38) User who created object
MODIFIED_BY number(38) User who last modified object

EVT_USR_RPT_V

View references EVT_USR table that stores event user information.

Column Name Datatype Comment
USER_ID number(38) User identifier
USER_NAME varchar2(255) User name
USER_DOMAIN varchar2(255)
CUST_ID number(38) Customer identifier
DATE_CREATED date Date the entry was created
DATE_MODIFIED date Date the entry was modified
CREATED_BY number(38) User who created object
MODIFIED_BY number(38) User who last modified object

EVT_XDAS_TXNMY_RPT_V

Column Name Datatype Comment
EVENT_TAXONOMY varchar2(255) Event taxonomy name
EVENT_OUTCOME varchar2(255) Event outcome name
XDAS_REGISTRY number(38,0) XDAS registry
XDAS_PROVIDER number(38,0) XDAS provider
XDAS_CLASS number(38,0) XDAS class
XDAS_IDENTIFIER number(38,0) XDAS identifier
XDAS_OUTCOME number(38,0) XDAS outcome
XDAS_DETAIL number(38,0) XDAS detail
XDAS_TAXONOMY_ID number(38,0) XDAS taxonomy identifier
DATE_CREATED date Date the entry was created
DATE_MODIFIED date Date the entry was modified
CREATED_BY number(38,0) User who created object
MODIFIED_BY number(38,0) User who last modified object

EXTERNAL_DATA_RPT_V

View references EXTERNAL_DATA table that stores external data.

Column Name Datatype Comment
EXTERNAL_DATA_ID number External data identifier
SOURCE_NAME varchar2(50) Source name
SOURCE_DATA_ID varchar2(255) Source data identifier
EXTERNAL_DATA clob External data
EXTERNAL_DATA_TYPE varchar2(10) External data type
DATE_CREATED date Date the entry was created
DATE_MODIFIED date Date the entry was modified
CREATED_BY number User who created object
MODIFIED_BY number User who last modified object

HIST_CORRELATED_EVENTS_RPT_V (legacy view)

This view is provided for backward compatibility. New report should use CORRELATED_EVENTS_RPT_V1 instead.

HIST_EVENTS_RPT_V (legacy view)

This view is provided for backward compatibility. Sentinel 6.0 reports should use EVENTS_RPT_V2 instead. Sentinel 6.1 reports should use EVENTS_RPT_V3 instead.

IMAGES_RPT_V

View references IMAGES table that stores system overview image information.

Column Name Datatype Comment
NAME varchar2(128) Image name
TYPE varchar2(64) Image type
DATA clob Image data
DATE_CREATED date Date the entry was created
DATE_MODIFIED date Date the entry was modified
CREATED_BY number User who created object
MODIFIED_BY number User who last modified object

INCIDENTS_ASSETS_RPT_V

View references INCIDENTS_ASSETS table that stores information about the assets that makeup incidents created in the Sentinel Console.

Column Name Datatype Comment
INC_ID number Incident identifier – sequence number
ASSET_ID varchar2(36) Asset Universal Unique Identifier (UUID)
DATE_CREATED date Date the entry was created
DATE_MODIFIED date Date the entry was modified
CREATED_BY number User who created object
MODIFIED_BY number User who last modified object

INCIDENTS_EVENTS_RPT_V

View references INCIDENTS_EVENTS table that stores information about the events that makeup incidents created in the Sentinel Console.

Column Name Datatype Comment
INC_ID number Incident identifier – sequence number
EVT_ID varchar2(36) Event Universal Unique Identifier (UUID)
EVT_TIME date Event time
DATE_CREATED date Date the entry was created
DATE_MODIFIED date Date the entry was modified
CREATED_BY number User who created object
MODIFIED_BY number User who last modified object

INCIDENTS_RPT_V

View references INCIDENTS table that stores information describing the details of incidents created in the Sentinel Console.

Column Name Datatype Comment
INC_ID number Incident identifier – sequence number
NAME varchar2(255) Incident name
SEVERITY number Incident severity
STT_ID number Incident State ID
SEVERITY_RATING varchar2(32) Average of all the event severities that comprise an incident.
VULNERABILITY_RATING varchar2(32) Reserved for future use by Novell. Use of this field for any other purpose might result in data being overwritten by future functionality.
CRITICALITY_RATING varchar2(32) Reserved for future use by Novell. Use of this field for any other purpose might result in data being overwritten by future functionality.
DATE_CREATED date Date the entry was created
DATE_MODIFIED date Date the entry was modified
CREATED_BY number User who created object
MODIFIED_BY number User who last modified object
INC_DESC varchar2(4000) Incident description
INC_CAT varchar2(255) Incident category
INC_PRIORITY number Incident priority
INC_RES varchar2(4000) Incident resolution

INCIDENTS_VULN_RPT_V

View references INCIDENTS_VULN table that stores information about the vulnerabilities that makeup incidents created in the Sentinel Console.

Column Name Datatype Comment
INC_ID number Incident identifier – sequence number
VULN_ID varchar2(36) Vulnerability Universal Unique Identifier (UUID)
DATE_CREATED date Date the entry was created
DATE_MODIFIED date Date the entry was modified
CREATED_BY number User who created object
MODIFIED_BY number User who last modified object

L_STAT_RPT_V

View references L_STAT table that stores statistical information.

Column Name Datatype Comment
RES_NAME varchar2(32) Resource name
STATS_NAME varchar2(32) Statistic name
STATS_VALUE varchar2(32) Value of the statistic
OPEN_TOT_SECS number(38) Number of seconds since 1970.

LOGS_RPT_V

View references LOGS_RPT table that stores logging information.

Column Name Datatype Comment
LOG_ID number Sequence number
TIME date Date of Log
MODULE varchar2(64) Module log is for
TEXT varchar2(4000) Log text

MSSP_ASSOCIATIONS_V

View references MSSP_ASSOCIATIONS table that associates an number key in one table to a UUID in another table.

Column Name Datatype Comment
TABLE1 varchar2(64) Table name 1
ID1 number(38) ID1
TABLE2 varchar2(64) Table name 2
ID2 varchar2(36) ID2
DATE_CREATED date Date the entry was created
DATE_MODIFIED date Date the entry was modified
CREATED_BY number User who created object
MODIFIED_BY number User who last modified object

NETWORK_IDENTITY_RPT_V

View references NETWORK_IDENTITY_LKUP table that stores asset network identity information.

Column Name Datatype Comment
NETWORK_IDENTITY_ID number(38) Network identity code
NETWORK_IDENTITY_NAME varchar2(255) Network identify name
DATE_CREATED date Date the entry was created
DATE_MODIFIED date Date the entry was modified
CREATED_BY number(38) User who created object
MODIFIED_BY number(38) User who last modified object

ORGANIZATION_RPT_V

View references ORGANIZATION table that stores organization (asset) information.

Column Name Datatype Comment
ORGANIZATION_ID varchar2(36) Organization identifier
ORGANIZATION_NAME varchar2(100) Organization name
CUST_ID number(38) Customer identifier
DATE_CREATED date Date the entry was created
DATE_MODIFIED date Date the entry was modified
CREATED_BY number(38) User who created object
MODIFIED_BY number(38) User who last modified object

PERSON_RPT_V

View references PERSION table that stores personal (asset) information.

Column Name Datatype Comment
PERSON_ID varchar2(36) Person identifier
FIRST_NAME varchar2(255) First name
LAST_NAME varchar2(255) Last name
CUST_ID number(38) Customer identifier
PHONE_NUMBER varchar2(50) Phone number
EMAIL_ADDRESS varchar2(255) E-mail address
DATE_CREATED date Date the entry was created
DATE_MODIFIED date Date the entry was modified
CREATED_BY number(38) User who created object
MODIFIED_BY number(38) User who last modified object

PHYSICAL_ASSET_RPT_V

View references PHYSICAL_ASSET table that stores physical asset information.

Column Name Datatype Comment
PHYSICAL_ASSET_ID varchar2(36) Physical asset identifier
CUST_ID number(38) Customer identifier
HOST_NAME varchar2(255) Host name
IP_ADDRESS number(38) IP address
LOCATION_ID number(38) Location identifier
NETWORK_IDENTITY_ID number(38) Network identity code
MAC_ADDRESS varchar2(100) MAC address
RACK_NUMBER varchar2(50) Rack number
ROOM_NAME varchar2(100) Room name
DATE_CREATED date Date the entry was created
DATE_MODIFIED date Date the entry was modified
CREATED_BY number(38) User who created object
MODIFIED_BY number(38) User who last modified object

PRODUCT_RPT_V

View references PRDT table that stores asset product information.

Column Name Datatype Comment
PRODUCT_ID number(38) Product identifier
PRODUCT_NAME varchar2(255) Product name
PRODUCT_VERSION varchar2(100) Product version
VENDOR_ID number(38) Vendor identifier
DATE_CREATED date Date the entry was created
DATE_MODIFIED date Date the entry was modified
CREATED_BY number(38) User who created object
MODIFIED_BY number(38) User who last modified object

ROLE_RPT_V

View references ROLE_LKUP table that stores user role (asset) information.

Column Name Datatype Comment
ROLE_CODE varchar2(5) Role code
ROLE_NAME varchar2(255) Role name
DATE_CREATED date Date the entry was created
DATE_MODIFIED date Date the entry was modified
CREATED_BY number(38) User who created object
MODIFIED_BY number(38) User who last modified object

RPT_LABELS_RPT_V

View contains report label translations.

Column Name Datatype Comment
RPT_NAME varchar2(100) Report name
LABEL_1 - 35 varchar2(2000) Translated report labels

SENSITIVITY_RPT_V

View references SENSITIVITY_LKUP table that stores asset sensitivity information.

Column Name Datatype Comment
SENSITIVITY_ID number(38) Asset sensitivity code
SENSITIVITY_NAME varchar2(50) Asset sensitivity name
DATE_CREATED date Date the entry was created
DATE_MODIFIED date Date the entry was modified
CREATED_BY number(38) User who created object
MODIFIED_BY number(38) User who last modified object

SENTINEL_HOST_RPT_V

View contains data used internally by Sentinel.

Column Name Datatype Comment
SENTINEL_HOST_ID varchar2(36) Sentinel host identifier
SENTINEL_ID varchar2(36) Sentinel identifier
SENTINEL_HOST_NAME varchar2(255) Sentinel host name
HOST_NAME varchar2(255) Host name
IP_ADDR varchar2(255) Host IP address
HOST_OS varchar2(255) Host operating system
HOST_OS_VERSION varchar2(255) Host operating system version
MODIFIED_BY number(38,0) User who last modified object
CREATED_BY number(38,0) User who created object
DATE_CREATED Date Date the entry was created
DATE_MODIFIED Date Date the entry was modified

SENTINEL_PLUGIN_RPT_V

View contains data used internally by Sentinel.

Column Name Datatype Comment
SENTINEL_HOST_ID varchar2(36) Sentinel host identifier
SENTINEL_ID varchar2(36) Sentinel identifier
SENTINEL_HOST_NAME varchar2(255) Sentinel host name
HOST_NAME varchar2(255) Host name
IP_ADDR varchar2(255) Host IP address
HOST_OS varchar2(255) Host operating system
HOST_OS_VERSION varchar2(255) Host operating system version
MODIFIED_BY number(38,0) User who last modified object
CREATED_BY number(38,0) User who created object
DATE_CREATED Date Date the entry was created
DATE_MODIFIED Date Date the entry was modified

SENTINEL_RPT_V

View contains data used internally by Sentinel.

Column Name Datatype Comment
SENTINEL_ID varchar2(36) Sentinel identifier
SENTINEL_NAME varchar2(255) Sentinel name
ONLINE_IND number(1,0) Online indicator
STATE_IND number(1,0) State indicator
SENTINEL_CONFIG clob Sentinel configuration
CREATED_BY number(38,0) User who created object
MODIFIED_BY number(38,0) User who last modified object
DATE_CREATED date Date the entry was created
DATE_MODIFIED date Date the entry was modified

STATES_RPT_V

View references STATES table that stores definitions of states defined by applications or context.

Column Name Datatype Comment
STT_ID number(38) State ID – sequence number
CONTEXT varchar2(64) Context of the state. That is case, incident, user.
NAME varchar2(64) Name of the state.
TERMINAL_FLAG varchar2(1) Indicates if state of incident is resolved.
DATE_CREATED date Date the entry was created
DATE_MODIFIED date Date the entry was modified
MODIFIED_BY number User who last modified object
CREATED_BY number User who created object

UNASSIGNED_INCIDENTS_RPT_V

View references CASES and INCIDENTS tables to report on unassigned cases.

Name Datatype Comment
INC_ID number
NAME varchar2(255)
SEVERITY number
STT_ID number
SEVERITY_RATING varchar2(32)
VULNERABILITY_RATING varchar2(32)
CRITICALITY_RATING varchar2(32)
DATE_CREATED date Date the entry was created
DATE_MODIFIED date Date the entry was modified
CREATED_BY number User who created object
MODIFIED_BY number User who last modified object
INC_DESC varchar2(4000)
INC_CAT varchar2(255)
INC_PRIORITY number
INC_RES varchar2(4000)

USERS_RPT_V

View references USERS table that lists all users of the application. The users will also be created as database users to accommodate 3rd party reporting tools.

Column Name Datatype Comment
USR_ID number User identifier – Sequence number
NAME varchar2(64) Short, unique user name used as a login
CNT_ID number Contact ID – Sequence number
STT_ID number State ID. Status is either active or inactive.
DESCRIPTION varchar2(512) Comments
DATE_CREATED date Date the entry was created
DATE_MODIFIED date Date the entry was modified
CREATED_BY number User who created object
MODIFIED_BY number User who last modified object
PERMISSIONS varchar2(4000) Permissions currently assigned to the Sentinel user
FILTER varchar2(128) Current security filter assigned to the Sentinel user
UPPER_NAME varchar2(64) User name in upper case
DOMAIN_AUTH_IND number (1) Domain authentication indication

USR_ACCOUNT_RPT_V

View contains user account information from an identity management system.

Column Name Datatype Comment
ACCOUNT_ID number(38,0) Account identifier
USER_NAME varchar2(255) User name
USER_DOMAIN varchar2(255) User domain
CUST_ID number(38,0) Customer identifier
BEGIN_EFFECTIVE_DATE date Begin effective date
END_EFFECTIVE_DATE date End effective date
CURRENT_F number(1,0) Current flag
USER_STATUS varchar2(50) User status
IDENTITY_GUID varchar2(36) Identity identifier
SOURCE_USER_ID varchar2(100) User ID on source system
DATE_CREATED date Date the entry was created
DATE_MODIFIED date Date the entry was modified
CREATED_BY number(38,0) User who created object
MODIFIED_BY number(38,0) User who last modified object

USR_IDENTITY_EXT_ATTR_RPT_V

View contains extended attributes information from an identity management system, including name value pairs in the ATTRIBUTE_NAME and ATTRIBUTE_VALUE columns.

Column Name Datatype Comment
IDENTITY_GUID varchar2(36) Identity identifier
ATTRIBUTE_NAME varchar2(255) Attribute name
ATTRIBUTE_VALUE varchar2(1024) Attribute value

USR_IDENTITY_RPT_V

View contains user identity information from an identity management system.

Column Name Datatype Comment
IDENTITY_GUID varchar2(36) Identity identifier
DN varchar2(255) Distinguished name
CUST_ID number(38,0) Customer identifier
SRC_IDENTITY_ID varchar2(100) Source identity identifier
WFID varchar2(100) Workforce identifier
FIRST_NAME varchar2(255) First name
LAST_NAME varchar2(255) Last name
FULL_NAME varchar2(255) Full name
JOB_TITLE varchar2(255) Job title
DEPARTMENT_NAME varchar2(100) Department name
OFFICE_LOC_CD varchar2(100) Office location code
PRIMARY_EMAIL varchar2(255) Primary e-mail address
PRIMARY_PHONE varchar2(100) Primary phone number
VAULT_NAME varchar2(100) Identity vault name
MGR_GUID varchar2(36) Manager identity identifier
PHOTO clob Photo
DATE_CREATED date Date the entry was created
DATE_MODIFIED date Date the entry was modified
CREATED_BY number(38,0) User who created object
MODIFIED_BY number(38,0) User who last modified object

VENDOR_RPT_V

View references VNDR table that stores information about asset product vendors.

Column Name Datatype Comment
VENDOR_ID number(38) Vendor identifier
VENDOR_NAME varchar2(255) Vendor name
DATE_CREATED date Date the entry was created
DATE_MODIFIED date Date the entry was modified
CREATED_BY number(38) User who created object
MODIFIED_BY number(38) User who last modified object

VULN_CALC_SEVERITY_RPT_V

View references VULN_RSRC and VULN to calculate eSecurity vulnerability severity rating base on current vulnerabilities.

Column Name Datatype Comment
RSRC_ID varchar2(36) Resource identifier
IP varchar2(32) IP
HOST_NAME varchar2(255) Host name
CRITICALITY number Asset criticality code
ASSIGNED_VULN_SEVERITY number
VULN_COUNT number Vulnerability Count
CALC_SEVERITY number Calculated severity

VULN_CODE_RPT_V

View references VULN_CODE table that stores industry assigned vulnerability codes such as Mitre’s CVEs and CANs.

Column Name Datatype Comment
VULN_CODE_ID varchar2(36) Vulnerability code identifier
VULN_ID varchar2(36) Vulnerability identifier
VULN_CODE_TYPE varchar2(64) Vulnerability code type
VULN_CODE_VALUE varchar2(255) Vulnerability code value
URL varchar2(512) Web URL
DATE_CREATED date Date the entry was created
DATE_MODIFIED date Date the entry was modified
CREATED_BY number User who created object
MODIFIED_BY number User who last modified object

VULN_INFO_RPT_V

View references VULN_INFO table that stores additional information reported during a scan.

Column Name Datatype Comment
VULN_INFO_ID varchar2(36) Vulnerability info identifier
VULN_ID varchar2(36) Vulnerability identifier
VULN_INFO_TYPE varchar2(36) Vulnerability info type
VULN_INFO_VALUE varchar2(2000) Vulnerability info value
DATE_CREATED date Date the entry was created
DATE_MODIFIED date Date the entry was modified
CREATED_BY number User who created object
MODIFIED_BY number User who last modified object

VULN_RPT_V

View references VULN table that stores information of scanned system. Each scanner will have its own entry for each system.

Column Name Datatype Comment
VULN_ID varchar2(36) Vulnerability identifier
RSRC_ID varchar2(36) Resource identifier
PORT_NAME varchar2(64) Port Name
PORT_NUMBER number Port Number
NETWORK_PROTOCOL number Network Protocol
APPLICATION_PROTOCOL varchar2(64) Application Protocol
ASSIGNED_VULN_SEVERITY number
COMPUTED_VULN_SEVERITY number
VULN_DESCRIPTION clob Vulnerability description
VULN_SOLUTION clob Vulnerability solution
VULN_SUMMARY varchar2(1000) Vulnerability summary
BEGIN_EFFECTIVE_DATE date Date from which the entry is valid
END_EFFECTIVE_DATE date Date until which the entry is valid
DETECTED_OS varchar2(64) Operating system of scanned machine
DETECTED_OS_VERSION varchar2(64) Operating system version of scanned machine
SCANNED_APP varchar2(64)
SCANNED_APP_VERSION varchar2(64)
VULN_USER_NAME varchar2(64) Username used by scanner
VULN_USER_DOMAIN varchar2(64) Domain of user used by scanned
VULN_TAXONOMY varchar2(1000)
SCANNER_CLASSIFICATION varchar2(255)
VULN_NAME varchar2(300)
VULN_MODULE varchar2(64)
DATE_CREATED date Date the entry was created
DATE_MODIFIED date Date the entry was modified
CREATED_BY number User who created object
MODIFIED_BY number User who last modified object

VULN_RSRC_RPT_V

View references VULN_RSRC table that stores each resource scanned for a particular scan.

Column Name Datatype Comment
RSRC_ID varchar2(36) Resource identifier
SCANNER_ID varchar2(36) Scanner identifier
IP varchar2(32) IP Address
HOST_NAME varchar2(255) Host name
LOCATION varchar2(128) Location
DEPARTMENT varchar2(128) Department
BUSINESS_SYSTEM varchar2(128) Business System
OPERATIONAL_ENVIRONMENT varchar2(64) Operational environment
CRITICALITY number Criticality
REGULATION varchar2(128) Regulation
REGULATION_RATING varchar2(64) Regulation rating
DATE_CREATED date Date the entry was created
DATE_MODIFIED date Date the entry was modified
CREATED_BY number User who created object
MODIFIED_BY number User who last modified object

VULN_RSRC_SCAN_RPT_V

View references VULN_RSRC_SCAN table that stores each resource scanned for a particular scan.

Column Name Datatype Comment
RSRC_ID varchar2(36) Resource identifier
SCAN_ID varchar2(36) Vulnerability scan identifier
DATE_CREATED date Date the entry was created
DATE_MODIFIED date Date the entry was modified
CREATED_BY number User who created object
MODIFIED_BY number User who last modified object

VULN_SCAN_RPT_V

View references table that stores information pertaining to scans.

Column Name Datatype Comment
SCAN_ID varchar2(36) Vulnerability scan identifier
SCANNER_ID varchar2(36) Vulnerability scanner identifier
SCAN_TYPE varchar2(10) Vulnerability scan type
SCAN_START_DATE date Scan start date
SCAN_END_DATE date Scan start date
CONSOLIDATION_SERVER varchar2(64) Consolidation server
LOAD_STATUS varchar2(64)
DATE_CREATED date Date the entry was created
DATE_MODIFIED date Date the entry was modified
CREATED_BY number User who created object
MODIFIED_BY number User who last modified object

VULN_SCAN_VULN_RPT_V

View references VULN_SCAN_VULN table that stores vulnerabilities detected during scans.

Column Name Datatype Comment
SCAN_ID varchar2(36) Vulnerability scan identifier
VULN_ID varchar2(36) Vulnerability identifier
DATE_CREATED date Date the entry was created
DATE_MODIFIED date Date the entry was modified
CREATED_BY number User who created object
MODIFIED_BY number User who last modified object

VULN_SCANNER_RPT_V

View references VULN_SCANNER table that stores information about vulnerability scanners.

Column Name Datatype Comment
SCANNER_ID varchar2(36) Vulnerability scanner identifier
PRODUCT_NAME varchar2(100) Product Name
PRODUCT_VERSION varchar2(64) Product Version
SCANNER_TYPE varchar2(64) Vulnerability Scanner Type
VENDOR varchar2(100) Vendor
SCANNER_INSTANCE varchar2(64) Scanner Instance
DATE_CREATED date Date the entry was created
DATE_MODIFIED date Date the entry was modified
CREATED_BY number User who created object
MODIFIED_BY number User who last modified object

WORKFLOW_DEF_RPT_V

Column Name Datatype Comment
PKG_NAME varchar2(255) Package name
PKG_DATA clob Package data
DATE_CREATED date Date the entry was created
DATE_MODIFIED date Date the entry was modified
CREATED_BY number(38,0) User who created object
MODIFIED_BY number(38,0) User who last modified object

WORKFLOW_INFO_RPT_V

Column Name Datatype Comment
INFO_ID number(38,0) Info identifier
PROCESS_DEF_ID varchar2(100) Process definition identifier
PROCESS_INSTANCE_ID varchar2(150) Process instance identifier
DATE_CREATED date Date the entry was created
DATE_MODIFIED date Date the entry was modified
CREATED_BY number(38,0) User who created object
MODIFIED_BY number(38,0) User who last modified object

Deprecated Views

The following legacy views are no longer created in the Sentinel 6 database:

  • ADV_ALERT_CVE_RPT_V
  • ADV_ALERT_PRODUCT_RPT_V
  • ADV_ALERT_RPT_V
  • ADV_ATTACK_ALERT_RPT_V
  • ADV_ATTACK_CVE_RPT_V
  • ADV_CREDIBILITY_RPT_V
  • ADV_SEVERITY_RPT_V
  • ADV_SUBALERT_RPT_V
  • ADV_URGENCY_RPT_V

PostgreSQL Views

Lucene Views

 

© 2014 Novell