7.1 Views

Listed below are the views available with Sentinel.

7.1.1 ACTVY_PARM_RPT_V

This view contains information about iTRAC activities.

Column Name

Datatype

Comment

ACTVY_PARM_ID

varchar2(36)

Activity parameter identifier

ACTVY_ID

varchar2(36)

Activity identifier

PARM_NAME

varchar2(255)

Activity Parameter name

PARM_TYP_CD

varchar2(1)

Activity parameter type code

DATA_TYP

varchar2(50)

Activity parameter data type

DATA_SUBTYP

varchar2(50)

Activity parameter data subtype

RQRD_F

number (1,0)

Required flag

PARM_DESC

varchar2(255)

Activity parameter description

PARM_VAL

varchar2(1000)

Activity parameter value

FORMATTER

varchar2(255)

Activity parameter formatter

DATE_CREATED

date

Date the entry was created

DATE_MODIFIED

date

Date the entry was modified

CREATED_BY

number (38,0)

User who created the object

MODIFIED_BY

number (38,0)

User who last modified the object

7.1.2 ACTVY_REF_PARM_VAL_RPT_V

This view contains information about iTRAC activities.

Column Name

Datatype

Comment

ACTVY_ID

varchar2(36)

Activity identifier

ACTVY_PARM_ID

varchar2(36)

Activity parameter identifier

CREATED_BY

number(38,0)

User who created the object

DATE_CREATED

Date

Date the entry was created

DATE_MODIFIED

Date

Date the entry was modified

MODIFIED_BY

number(38,0)

User who last modified the object

PARM_VAL

varchar2(1000)

Activity parameter value

SEQ_NUM

number(38,0)

Sequence number

7.1.3 ACTVY_REF_RPT_V

This view contains information about iTRAC activities.

Column Name

Datatype

Comment

ACTVY_ID

varchar2(36)

Activity identifier

SEQ_NUM

number(38,0)

Sequence number

REFD_ACTVY_ID

varchar2(36)

Referenced activity identifier

DATE_CREATED

date

Date the entry was created

DATE_MODIFIED

date

Date the entry was modified

CREATED_BY

number(38,0)

User who created object

MODIFIED_BY

number(38,0)

User who last modified object

7.1.4 ACTVY_RPT_V

This view contains information about iTRAC activities.

Column Name

Datatype

Comment

ACTVY_ID

varchar2(36)

Activity identifier

ACTVY_NAME

varchar2(255)

Activity name

ACTVY_TYP_CD

varchar2(1)

Activity type code

ACCESS_LVL

varchar2(50)

Access level

EXEC_LOC

varchar2(50)

Execution location

ACTVY_DESC

varchar2(255)

Activity description

PROCESSOR

varchar2(255)

Processor

INPUT_FORMATTER

varchar2(255)

Input formatter

OUTPUT_FORMATTER

varchar2 (255)

Output formatter

APP_NAME

varchar2 (25)

Application name

DATE_CREATED

date

Date the entry was created

DATE_MODIFIED

date

Date the entry was modified

CREATED_BY

number (38,0)

User who created object

MODIFIED_BY

number (38,0)

User who last modified object

7.1.5 ADV_NXS_FEED_V

This view contains information about the Advisor feed files that are processed on a regular schedule.

Column Name

Datatype

Comment

FILE_NAME

varchar (256)

The filename of the Advisor feed file.

HASH_VALUE

varchar (256)

The hash value of the Advisor feed file.

RECORDS_INSERTED

number (18,0)

The number of records inserted into the database.

RECORDS_UPDATED

number (18,0)

The number of records updated into the database.

PROCESSING_START_TIME

date

Time stamp indicating when the processing of the feed files started.

PROCESSING_END_TIME

date

Time stamp indicating when the processing of the feed files ended.

GENERATION

date

The unique ID to which each feed file belongs.

DATE_CREATED

date

Time stamp indicating when the feed file information was entered in the Sentinel database.

DATE_MODIFIED

date

Time stamp indicating when the feed file information was modified in the Sentinel database.

CREATED_BY

number

ID of the user who entered the feed file information in the Sentinel database.

MODIFIED_BY

number

ID of the user who modified the feed file information in the Sentinel database.

7.1.6 ADV_NXS_PRODUCTS_V

This view contains information about all the products that are supported by Novell for Advisor, which include the Intrusion Detection System (IDS), Vulnerablility Scanners, and Knowledge Base (OSVDB, CVE, and Bugtraq).

Column Name

Datatype

Comment

PRODUCT_ID

number

The unique ID of the product.

PRODUCT_NAME

varchar2 (256 char)

Name of the product. For example, Cisco Secure IDS, Enterasys Dragon Network Sensor, or McAfee IntruShield.

INTERNAL_NAME

varchar2 (256 char)

Short name of the product that is used in generating the exploitdetection.csv file. This name is used by Collectors for exploit detection. For example, if the product name is Cisco Secure IDS, the internal name is Secure.

IS_ATTACK

number (1,0)

This value is 1 if the product is IDS. Otherwise, this value is 0.

IS_VULN

number (1,0)

This value is 1 if the product is Vulnerability Scanner. Otherwise, this value is 0.

IS_KB

number (1,0)

This value is 1 if the product is Knowledge Base. Otherwise, this value is 0.

IS_ACTIVE

number (1,0)

This value is 1 if the product is selected for exploit detection in the Advisor window of Sentinel Control Center. If the value is 0, attacks from this product are not populated in the exploitdetection.csv file.

IS_POPULATE_ATTACK_NAME

number (1, 0)

This value is 1 by default. If the value is 0, the attack name is not populated in the exploitDetection.csv file.

IS_POPULATE_ATTACK_CODE

number (1, 0)

This value is 1 by default. If the value is 0, the attack code is not populated in the exploitDetection.csv file.

DATE_CREATED

date

Time stamp indicating when the product information was entered in the Sentinel database.

DATE_MODIFIED

date

Time stamp indicating when the product information was modified in the Sentinel database.

CREATED_BY

number

ID of the user who entered the product information in the Sentinel database.

MODIFIED_BY

number

ID of the user who modified the product information in the Sentinel database.

7.1.7 ADV_NXS_SIGNATURES_V

This view contains the information about the list of signatures for each product that is supported by Novell for Advisor.

Column Name

Datatype

Comment

PRODUCT_ID

number

The unique ID of the product.

SIGNATURE_ID

number

The unique ID of the signature.

SIGNATURE_NAME

varchar2 (256 char)

Name of the signature.

PUBLISHED

date

Time stamp indicating when the signature was published for the product by the vendor.

INSERTED

date

Time stamp indicating when the signature information was entered in the vendor database.

UPDATED

date

Time stamp indicating when the signature information was updated in the vendor database.

DATE_CREATED

date

Time stamp indicating when the signature information was entered in the Sentinel database.

DATE_MODIFIED

date

Time stamp indicating when the signature information was modified in the Sentinel database.

CREATED_BY

number

ID of the user who entered the signature information in the Sentinel database.

MODIFIED_BY

number

ID of the user who modified the signature information in the Sentinel database.

7.1.8 ADV_NXS_MAPPINGS_V

This view contains the mapping information for the products supported by Novell for Advisor. It provides information about the type of mapping between each product including the IDS product signatures, Vulnerability product signatures, and Knowledge Base product signatures.

Column Name

Datatype

Comment

SOURCE_PRODUCT_ID

number

The unique ID of the source product.

SOURCE_SIGNATURE_ID

number

The unique ID of the source signature.

TARGET_PRODUCT_ID

number

The unique ID of the target product.

TARGET_SIGNATURE_ID

number

The unique ID of the target signature.

MAPPING_DIRECT

number (1, 0)

This value is 1 if the mapping is direct.

MAPPING_INDIRECT

number (1, 0)

This value is 1 if the mapping is indirect.

MAPPING_NGRAM

number (1, 0)

This value is 1 if the mapping is n-gram.

INSERTED

date

Time stamp indicating when the mapping information was entered in the vendor database.

UPDATED

date

Time stamp indicating when the mapping was updated in the vendor database.

IS_DELETED

number (1, 0)

This value is 1 if the mapping is marked as invalid.

DELETED

date

Time stamp indicating when the mapping was marked as invalid.

DATE_CREATED

date

Time stamp indicating when the mapping information was entered in the Sentinel database.

DATE_MODIFIED

date

Time stamp indicating when the mapping information was modified in the Sentinel database.

CREATED_BY

number

ID of the user who entered the mapping information in the Sentinel database.

MODIFIED_BY

number

ID of the user who modified the mapping information in the Sentinel database.

7.1.9 ADV_OSVDB_DETAILS_V

This view contains information about the known vulnerablities from the OSVDB for the products supported by Novell for Advisor. It also stores the classifications to which the vulnerability applies.

Column Name

Datatype

Comment

OSVDB_ID

number

The unique ID of the vulnerability in the OSVDB.

OSVDB_TITLE

clob

The normalized name of the vulnerability.

DESCRIPTION

clob

A brief description of the vulnerability.

URGENCY

number

Indicates the urgency of the vulnerability. The rating is 1- 10. The higher the number, the more urgent the vulnerability.

SEVERITY

number

Indicates the severity of the vulnerability. The rating is 1- 10. The higher the number, the more urgent the vulnerability.

ATTACK_TYPE_AUTH_MANAGE

number (1, 0)

This value is 1 if the attack type is authentication management. For example, brute force attack, default password, and cookie poisoning.

ATTACK_TYPE_CRYPT

number (1, 0)

This value is 1 if the attack type is cryptographic. For example, weak encryption (implementation or algorithm), no encryption (plaintext), and sniffing.

ATTACK_TYPE_DOS

number (1, 0)

This value is 1 if the attack type is denial of service. For example, saturation flood, crash, lock up, and forced reboot.

ATTACK_TYPE_HIJACK

number (1, 0)

This value is 1 if the attack type is hijack. For example, man-in-the-middle attacks, IP spoofing, session timeout or take-over, and session replay.

ATTACK_TYPE_INFO_DISCLOSE

number (1, 0)

This value is 1 if the attack type is information disclosure. For example, comments, passwords, fingerprinting, and system information.

ATTACK_TYPE_INFRASTRUCT

number (1, 0)

This value is 1 if the attack type is infrastructure. For example, DNS poisoning and route manipulation.

ATTACK_TYPE_INPUT_MANIP

number (1, 0)

This value is 1 if the attack type is input manipulation. For example, XSS, SQL injection, file retrieval, directory traversal, overflows, and URL encoding.

ATTACK_TYPE_MISS_CONFIG

number (1, 0)

This value is 1 if the attack type is misconfiguration. For example, default files, debugging enabled, and directory indexing.

ATTACK_TYPE_RACE

number (1, 0)

This value is 1 if the attack type is race condition. For example, symlink.

ATTACK_TYPE_OTHER

number (1, 0)

This value is 1 if the attack type does not fall under any of the above attack types.

ATTACK_TYPE_UNKNOWN

number (1, 0)

This value is 1 if the attack type is unknown.

IMPACT_CONFIDENTIAL

number (1, 0)

This value is 1 if the impact of the attack(s) is loss of confidential information. For example, passwords, server information, environment variables, confirmation of file existence, path disclosure, file content access, and SQL injection.

IMPACT_INTEGRITY

number (1, 0)

This value is 1 if the impact of the attack(s) is loss of integrity, which results in data modifications by unauthorized persons. For example, unauthorized file modification, deletion, or creation, remote file inclusion, and arbitrary command execution.

IMPACT_AVAILABLE

number (1, 0)

This value is 1 if the impact of the attack is loss of availability of a service or information.

IMPACT_UNKNOWN

number (1, 0)

This value is 1 if the impact of the attack is unknown.

EXPLOIT_AVAILABLE

number (1, 0)

This value is 1 if an exploit is available for the vulnerability.

EXPLOIT_UNAVAILABLE

number (1, 0)

This value is 1 if an exploit is not available for the vulnerability.

EXPLOIT_RUMORED

number (1, 0)

This value is 1 if an exploit is rumored to exist for the vulnerability.

EXPLOIT_UNKNOWN

number (1, 0)

This value is 1 if an exploit is unknown for the vulnerability.

VULN_VERIFIED

number (1, 0)

This value is 1 if the existence of the vulnerability has been verified.

VULN_MYTH_FAKE

number (1, 0)

This value is 1 if the vulnerability is a myth or a false alarm.

VULN_BEST_PRAC

number (1, 0)

This value is 1 if the vulnerability is a result of not following the best practices in the configuration or usage of the vulnerable system or software.

VULN_CONCERN

number (1, 0)

This value is 1 if the vulnerability requires additional concern for remediation.

VULN_WEB_CHECK

number (1, 0)

This value is 1 if the vulnerability is a common problem in Web servers or Web applications.

ATTACK_SCENARIO

clob

Description of how a vulnerability can be exploited.

SOLUTION_DESCRIPTION

clob

Description of the solution that is used to fix the vulnerability.

FULL_DESCRIPTION

clob

The complete description of the vulnerability.

LOCATION_PHYSICAL

number (1, 0)

This value is 1 if the vulnerability can be exploited with only physical system access.

LOCATION_LOCAL

number (1, 0)

This value is 1 if the vulnerability can be exploited on a local system.

LOCATION_REMOTE

number (1, 0)

This value is 1 if the vulnerabilitycan be exploited on a remote system.

LOCATION_DIALUP

number (1, 0)

This value is 1 if the vulnerability can be exploited using a dial-up connection.

LOCATION_UNKNOWN

number (1, 0)

This value is 1 if the vulnerability is exploited in an unknown location.

PUBLISHED

date

Time stamp indicating when the vulnerability was published in the OSVDB.

INSERTED

date

Time stamp indicating when the vulnerability was inserted in the vendor database.

UPDATED

date

Time stamp indicating when the vulnerability was updated in the vendor database.

DATE_CREATED

date

Time stamp indicating when the vulnerability information was entered in the Sentinel database.

DATE_MODIFIED

date

Time stamp indicating when the vulnerability information was modified in the Sentinel database.

CREATED_BY

number

The ID of the user who entered the vulnerability information in the Sentinel database.

MODIFIED_BY

number

The ID of the user who modified the vulnerability information in the Sentinel database.

7.1.10 ADV_NXS_KB_PATCH_V

This view contains information about the patches that are required to remove the vulnerabilities.

Column Name

Datatype

Comment

ID

number

The unique ID for the row.

OSVDB_ID

number

The ID of the vulnerability in the OSVDB.

TYPE_NAME

varchar2 (128 char)

The type of the patch used to remove the vulnerability.

TYPE_ID

number

The unique ID of the patch.

REF_VALUE

clob

The URL that has the patch information.

DATE_CREATED

date

Time stamp indicating when the patch information was entered in the Sentinel database.

DATE_MODIFIED

date

Time stamp indicating when the patch information was modified in the Sentinel database.

CREATED_BY

number

The ID of the user who entered the patch information in the Sentinel database.

MODIFIED_BY

number

The ID of the user who modified the patch information in the Sentinel database.

7.1.11 ADV_NXS_KB_PRODUCTSREF_V

This view contains the information about the products that are affected by the vulnerability.

Column Name

Datatype

Comment

ID

number

The unique ID for the row.

OSVDB_ID

number

The ID of the vulnerability in the OSVDB.

VENDOR_NAME

varchar2 (128 char)

Name of the vendor of the product that is affected by the vulnerability.

VERSION_NAME

varchar2 (128 char)

Version of the product that is affected by the vulnerability.

BASE_NAME

varchar2 (128 char)

Name of the product that is affected by the vulnerability.

TYPE_NAME

varchar2 (128 char)

Indicates whether the product is affected by the vulnerability or not.

DATE_CREATED

date

Time stamp indicating when the product information was entered in the Sentinel database.

DATE_MODIFIED

date

Time stamp indicating when the product information was modified in the Sentinel database.

CREATED_BY

number

The ID of the user who entered the product information in the Sentinel database.

MODIFIED_BY

number

The ID of the user who modified the product information in the Sentinel database.

7.1.12 ASSET_CATEGORY_RPT_V

This iew references ASSET_CTGRY table that stores information about asset categories

Column Name

Datatype

Comment

ASSET_CATEGORY_ID

number(38)

Asset category identifier

ASSET_CATEGORY_NAME

varchar2(100)

Asset category name

DATE_CREATED

date

Date the entry was created

DATE_MODIFIED

date

Date the entry was modified

CREATED_BY

number(38)

User who created object

MODIFIED_BY

number(38)

User who last modified object

7.1.13 ASSET_HOSTNAME_RPT_V

This view references ASSET_HOSTNAME table that stores information about alternate host names for assets.

Column Name

Datatype

Comment

ASSET_HOSTNAME_ID

varchar2(36)

Asset alternate hostname identifier

PHYSICAL_ASSET_ID

varchar2(36)

Physical asset identifier

HOST_NAME

varchar2(255)

Host name

CUST_ID

number(38)

Customer identifier

DATE_CREATED

date

Date the entry was created

DATE_MODIFIED

date

Date the entry was modified

CREATED_BY

number(38)

User who created object

MODIFIED_BY

number(38)

User who last modified object

7.1.14 ASSET_IP_RPT_V

This view references ASSET_IP table that stores information about alternate IP addresses for assets.

Column Name

Datatype

Comment

ASSET_IP_ID

varchar2(36)

Asset alternate IP identifier

PHYSICAL_ASSET_ID

varchar2(36)

Physical asset identifier

IP_ADDRESS

number(38)

Asset IP address

CUST_ID

number(38)

Customer identifier

DATE_CREATED

date

Date the entry was created

DATE_MODIFIED

date

Date the entry was modified

CREATED_BY

number(38)

User who created object

MODIFIED_BY

number(38)

User who last modified object

7.1.15 ASSET_LOCATION_RPT_V

This view references ASSET_LOC table that stores information about asset locations.

Column Name

Datatype

Comment

LOCATION_ID

number(38)

Location identifier

CUST_ID

number(38)

Customer identifier

BUILDING_NAME

varchar2(255)

Building name

ADDRESS_LINE_1

varchar2(255)

Address line 1

ADDRESS_LINE_2

varchar2(255)

Address line 2

CITY

varchar2(100)

City

STATE

varchar2(100)

State

COUNTRY

varchar2(100)

Country

ZIP_CODE

varchar2(50)

Zip code

DATE_CREATED

date

Date the entry was created

DATE_MODIFIED

date

Date the entry was modified

CREATED_BY

number(38)

User who created object

MODIFIED_BY

number(38)

User who last modified object

7.1.16 ASSET_RPT_V

This view references ASSET table that stores information about the physical and soft assets.

Column Name

Datatype

Comment

ASSET_ID

varchar2(36)

Asset identifier

CUST_ID

number(38)

Customer identifier

ASSET_NAME

varchar2(255)

Asset name

PHYSICAL_ASSET_ID

varchar2(36)

Physical asset identifier

PRODUCT_ID

number(38)

Product identifier

ASSET_CATEGORY_ID

number(38)

Asset category identifier

ENVIRONMENT_IDENTITY_ID

number(38)

Environment identify code

PHYSICAL_ASSET_IND

number(1)

Physical asset indicator

ASSET_VALUE_ID

number(38)

Asset value code

CRITICALITY_ID

number(38)

Asset criticality code

SENSITIVITY_ID

number(38)

Asset sensitivity code

DATE_CREATED

date

Date the entry was created

DATE_MODIFIED

date

Date the entry was modified

CREATED_BY

number(38)

User who created object

MODIFIED_BY

number(38)

User who last modified object

7.1.17 ASSET_VALUE_RPT_V

This view references ASSET_VAL_LKUP table that stores information about the asset value.

Column Name

Datatype

Comment

ASSET_VALUE_ID

number(38)

Asset value code

ASSET_VALUE_NAME

varchar2(50)

Asset value name

DATE_CREATED

date

Date the entry was created

DATE_MODIFIED

date

Date the entry was modified

CREATED_BY

number(38)

User who created object

MODIFIED_BY

number(38)

User who last modified object

7.1.18 ASSET_X_ENTITY_X_ROLE_RPT_V

This view references ASSET_X_ENTITY_X_ROLE table that associates a person or an organization to an asset.

Column Name

Datatype

Comment

PERSON_ID

varchar2(36)

Person identifier

ORGANIZATION_ID

varchar2(36)

Organization identifier

ROLE_CODE

varchar2(5)

Role code

ASSET_ID

varchar2(36)

Asset identifier

ENTITY_TYPE_CODE

varchar2(5)

Entity type code

PERSON_ROLE_SEQUENCE

number(38)

Order of persons under a particular role

DATE_CREATED

date

Date the entry was created

DATE_MODIFIED

date

Date the entry was modified

CREATED_BY

number(38)

User who created object

MODIFIED_BY

number(38)

User who last modified object

7.1.19 ASSOCIATIONS_RPT_V

This view references ASSOCIATIONS table that associates users to incidents, incidents to annotations and so on.

Column Name

Datatype

Comment

TABLE1

varchar2(64)

Table name 1. For example, incidents

ID1

varchar2(36)

ID1. For example, incident ID.

TABLE2

varchar2(64)

Table name 2. For example, users.

ID2

varchar2(36)

ID2. For example, user ID.

DATE_CREATED

date

Date the entry was created

DATE_MODIFIED

date

Date the entry was modified

CREATED_BY

number

User who created object

MODIFIED_BY

number

User who last modified object

7.1.20 ATTACHMENTS_RPT_V

This view references ATTACHMENTS table that stores attachment data.

Column Name

Datatype

Comment

ATTACHMENT_ID

number

Attachment identifier

NAME

varchar2(255)

Attachment name

SOURCE_REFERENCE

varchar2(64)

Source reference

TYPE

varchar2(32)

Attachment type

SUB_TYPE

varchar2(32)

Attachment subtype

FILE_EXTENSION

varchar2(32)

File extension

ATTACHMENT_DESCRIPTION

varchar2(255)

Attachment description

DATA

clob

Attachment data

DATE_CREATED

date

Date the entry was created

DATE_MODIFIED

date

Date the entry was modified

CREATED_BY

number

User who created object

MODIFIED_BY

number

User who last modified object

7.1.21 AUDIT_RECORD_RPT_V

This view references AUDIT_RECORD table that stores Sentinel internal audit data.

Column Name

Datatype

Comment

AUDIT_ID

varchar2(36)

Audit record identifier

AUDIT_TYPE

varchar2(255)

Audit type

SRC

varchar2(255)

Audit source

SENDER_HOSTNAME

varchar2(255)

Sender hostname

SENDER_HOST_IP

varchar2(255)

Sender host IP

SENDER_CONTAINER

varchar2(255)

Sender container name

SENDER_ID

varchar2(255)

Sender Identifier

CLIENT

varchar2(255)

Client application that requested audit

EVT_NAME

varchar2(255)

Event name

RES

varchar2(255)

Event resource

SRES

varchar2(255)

Event sub-resource

MSG

varchar2(500)

Event message

CREATED_BY

number(0)

User who created object

MODIFIED_BY

number(0)

User who last modified object

DATE_CREATED

date

Date the entry was created

DATE_MODIFIED

date

Date the entry was modified

7.1.22 CONFIGS_RPT_V

This view references CONFIGS table that stores general configuration information of the application.

Column Name

Datatype

Comment

USR_ID

varchar2(32)

User name.

APPLICATION

varchar2(255)

Application identifier

UNIT

varchar2(64)

Application unit

VALUE

varchar2(255)

Text value if any

DATA

clob

XML data

DATE_CREATED

date

Date the entry was created

DATE_MODIFIED

date

Date the entry was modified

CREATED_BY

number

User who created object

MODIFIED_BY

number

User who last modified object

7.1.23 CONTACTS_RPT_V

This view references CONTACTS table that stores contact information.

Column Name

Datatype

Comment

CNT_ID

number

Contact ID - Sequence number

FIRST_NAME

varchar2(20)

Contact first name.

LAST_NAME

varchar2(30)

Contact last name.

TITLE

varchar2(128)

Contact title

DEPARTMENT

varchar2(128)

Department

PHONE

varchar2(64)

Contact phone

EMAIL

varchar2(255)

Contact e-mail

PAGER

varchar2(64)

Contact pager

CELL

varchar2(64)

Contact cell phone

DATE_CREATED

date

Date the entry was created

DATE_MODIFIED

date

Date the entry was modified

CREATED_BY

number

User who created object

MODIFIED_BY

number

User who last modified object

7.1.24 CORRELATED_EVENTS_RPT_V (legacy view)

This view is provided for backward compatibility. New reports should use CORRELATED_EVENTS_RPT_V1.

7.1.25 CORRELATED_EVENTS_RPT_V1

This vew contains current and historical correlated events (correlated events imported from archives).

Column Name

Datatype

Comment

PARENT_EVT_ID

varchar2(36)

Event Universal Unique Identifier (UUID) of parent event

CHILD_EVT_ID

varchar2(36)

Event Universal Unique Identifier (UUID) of child event

PARENT_EVT_TIME

date

Parent event time

CHILD_EVT_TIME

date

Child event time

DATE_CREATED

date

Date the entry was created

DATE_MODIFIED

date

Date the entry was modified

CREATED_BY

number(38)

User who created object

MODIFIED_BY

number(38)

User who last modified object

7.1.26 CRITICALITY_RPT_V

This view references CRIT_LKUP table that contains information about asset criticality.

Column Name

Datatype

Comment

CRITICALITY_ID

number(38)

Asset criticality code

CRITICALITY_NAME

varchar2(50)

Asset criticality name

DATE_CREATED

date

Date the entry was created

DATE_MODIFIED

date

Date the entry was modified

CREATED_BY

number(38)

User who created object

MODIFIED_BY

number(38)

User who last modified object

7.1.27 CUST_HIERARCHY_V

This view references CUST_HIERARCHY table that stores information about MSSP customer hierarchy.

Column Name

Datatype

Comment

CUST_HIERARCHY_ID

number(38)

Customer hierarchy ID

CUST_NAME

varchar2(255)

Customer

CUST_HIERARCHY_LVL1

varchar2(255)

Customer hierarchy level 1

CUST_HIERARCHY_LVL2

varchar2(255)

Customer hierarchy level 2

CUST_HIERARCHY_LVL3

varchar2(255)

Customer hierarchy level 3

CUST_HIERARCHY_LVL4

varchar2(255)

Customer hierarchy level 4

DATE_CREATED

date

Date the entry was created

DATE_MODIFIED

date

Date the entry was modified

CREATED_BY

number

User who created object

MODIFIED_BY

number

User who last modified object

7.1.28 CUST_RPT_V

This view references CUST table that stores customer information for MSSPs.

Column Name

Datatype

Comment

CUST_ID

number(38)

Customer identifier

CUSTOMER_NAME

varchar2(255)

Customer name

DATE_CREATED

date

Date the entry was created

DATE_MODIFIED

date

Date the entry was modified

CREATED_BY

number(38)

User who created object

MODIFIED_BY

number(38)

User who last modified object

7.1.29 ENTITY_TYPE_RPT_V

This view references ENTITY_TYP table that stores information about entity types (person, organization).

Column Name

Datatype

Comment

ENTITY_TYPE_CODE

varchar2(5)

Entity type code

ENTITY_TYPE_NAME

varchar2(50)

Entity type name

DATE_CREATED

date

Date the entry was created

DATE_MODIFIED

date

Date the entry was modified

CREATED_BY

number(38)

User who created object

MODIFIED_BY

number(38)

User who last modified object

7.1.30 ENV_IDENTITY_RPT_V

This view references ENV_IDENTITY_LKUP table that stores information about asset environment identity.

Column Name

Datatype

Comment

ENVIRONMENT_IDENTITY_ID

number(38)

Environment identity code

ENV_IDENTITY_NAME

varchar2(255)

Environment identity name

DATE_CREATED

Date

Date the entry was created

DATE_MODIFIED

Date

Date the entry was modified

CREATED_BY

number(38)

User who created object

MODIFIED_BY

number(38)

User who last modified object

7.1.31 ESEC_CONTENT_GRP_CONTENT_RPT_V

This view contains information about Solution Packs.

Column Name

Datatype

Comment

CONTENT_GRP_ID

varchar2(36)

Content group identifier

CONTENT_ID

varchar2(255)

Content identifier

CONTENT_TYP

varchar2(100)

Content type

CONTENT_HASH

varchar2(255)

Content hash

DATE_CREATED

Date

Date the entry was created

DATE_MODIFIED

Date

Date the entry was modified

CREATED_BY

number(38,0)

User who created object

MODIFIED_BY

number(38,0)

User who last modified object

7.1.32 ESEC_CONTENT_GRP_RPT_V

This view contains information about Solution Packs.

Column Name

Datatype

Comment

CONTENT_GRP_ID

varchar2(36)

Content group identifier

CONTENT_GRP_NAME

varchar2(255)

Content group name

CONTENT_GRP_DESC

Clob

Content group description

CTRL_ID

varchar2(36)

Control identifier

CONTENT_EXTERNAL_ID

varchar2(255)

Content external identifier

DATE_CREATED

Date

Date the entry was created

DATE_MODIFIED

Date

Date the entry was modified

CREATED_BY

number(38,0)

User who created object

MODIFIED_BY

number(38,0)

User who last modified object

7.1.33 ESEC_CONTENT_PACK_RPT_V

This view contains information about Solution Packs.

Column Name

Datatype

Comment

CONTENT_PACK_ID

varchar2(36)

Content pack identifier

CONTENT_PACK_DESC

Clob

Content pack description

CONTENT_PACK_NAME

varchar2(255)

Content pack name

CONTENT_EXTERNAL_ID

varchar2(255)

Content external identifier

DATE_MODIFIED

Date

Date the entry was modified

DATE_CREATED

Date

Date the entry was created

CREATED_BY

number(38,0)

User who created object

MODIFIED_BY

number(38,0)

User who last modified object

7.1.34 ESEC_CONTENT_RPT_V

This view contains information about Solution Packs.

Column Name

Datatype

Comment

CONTENT_PACK_ID

varchar2(36)

Content pack identifier

CONTENT_ID

varchar2(255)

Content identifier

CONTENT_NAME

varchar2(255)

Content name

CONTENT_STATE

number(38,0)

Content state

CONTENT_TYP

varchar2(100)

Content type

CONTENT_DESC

Clob

Content description

CONTENT_CONTEXT

Clob

Content context

CONTENT_HASH

varchar2(255)

Content hash

DATE_CREATED

Date

Date the entry was created

DATE_MODIFIED

Date

Date the entry was modified

MODIFIED_BY

number(38,0)

User who last modified object

CREATED_BY

number(38,0)

User who created object

7.1.35 ESEC_CTRL_CTGRY_RPT_V

This view contains information about Solution Packs.

Column Name

Datatype

Comment

CTRL_CTGRY_ID

varchar2(36)

Control category identifier

CTRL_CTGRY_DESC

Clob

Control category description

CTRL_CTGRY_NAME

varchar2(255)

Control category name

CONTENT_PACK_ID

varchar2(36)

Content pack identifier

CONTENT_EXTERNAL_ID

varchar2(255)

Content external identifier

DATE_CREATED

Date

Date the entry was created

DATE_MODIFIED

Date

Date the entry was modified

CREATED_BY

number(38,0)

User who created object

MODIFIED_BY

number(38,0)

User who last modified object

7.1.36 ESEC_CTRL_RPT_V

This view contains information about Solution Packs.

Column Name

Datatype

Comment

CTRL_ID

varchar2(36)

Control identifier

CTRL_NAME

varchar2(255)

Control name

CTRL_DESC

clob

Control description

CTRL_STATE

number(38,0)

Control state

CTRL_NOTES

clob

Control notes

CTRL_CTGRY_ID

varchar2(36)

Control category identifier

CONTENT_EXTERNAL_ID

varchar2(255)

Content external identifier

DATE_CREATED

date

Date the entry was created

DATE_MODIFIED

date

Date the entry was modified

CREATED_BY

number(38,0)

User who created object

MODIFIED_BY

number(38,0)

User who last modified object

7.1.37 ESEC_DISPLAY_RPT_V

This view references ESEC_DISPLAY table that stores displayable properties of objects. Currently used in renaming meta-tags. Used with Event Configuration (Business Relevance).

Column Name

Datatype

Comment

DISPLAY_OBJECT

varchar2(32)

The parent object of the property

TAG

varchar2(32)

The native tag name of the property

LABEL

varchar2(32)

The display string of tag.

POSITION

number

Position of tag within display.

WIDTH

number

The column width

ALIGNMENT

number

The horizontal alignment

FORMAT

number

The enumerated formatter for displaying the property

ENABLED

varchar2(1)

Indicates if the tag is shown.

TYPE

number

Indicates datatype of tag.

1 = string

2 = ulong

3 = date

4 = uuid

5 = ipv4

DESCRIPTION

varchar2(255)

Textual description of the tag

DATE_CREATED

date

Date the entry was created

DATE_MODIFIED

date

Date the entry was modified

CREATED_BY

number

User who created object

MODIFIED_BY

number

User who last modified object

REF_CONFIG

varchar2(4000)

Referential data configuration

7.1.38 ESEC_PORT_REFERENCE_RPT_V

This view references ESEC_PORT_REFERENCE table that stores industry standard assigned port numbers.

Column Name

Datatype

Comment

PORT_NUMBER

number

Per http://www.iana.org/assignments/port-numbers, the numerical representation of the port. This port number is typically associated with the Transport Protocol level in the TCP/IP stack.

PROTOCOL_NUMBER

number

Per http://www.iana.org/assignments/protocol-numbers, the numerical identifiers used to represent protocols that are encapsulated in an IP packet.

PORT_KEYWORD

varchar2(64)

Per http://www.iana.org/assignments/port-numbers, the keyword representation of the port.

PORT_DESCRIPTION

varchar2(512)

Port description.

DATE_CREATED

date

Date the entry was created

DATE_MODIFIED

date

Date the entry was modified

CREATED_BY

number

User who created object

MODIFIED_BY

number

User who last modified object

7.1.39 ESEC_PROTOCOL_REFERENCE_RPT_V

This view references ESEC_PROTOCOL_REFERENCE table that stores industry standard assigned protocol numbers.

Column Name

Datatype

Comment

PROTOCOL_NUMBER

number

Per http://www.iana.org/assignments/protocol-numbers, the numerical identifiers used to represent protocols that are encapsulated in an IP packet.

PROTOCOL_KEYWORD

varchar2(64)

Per http://www.iana.org/assignments/protocol-numbers, the keyword used to represent protocols that are encapsulated in an IP packet.

PROTOCOL_DESCRIPTION

varchar2(512)

IP packet protocol description.

DATE_CREATED

date

Date the entry was created

DATE_MODIFIED

date

Date the entry was modified

CREATED_BY

number

User who created object

MODIFIED_BY

number

User who last modified object

7.1.40 ESEC_SEQUENCE_RPT_V

This view references ESEC_SEQUENCE table that’s used to generate primary key sequence numbers for Sentinel tables.

Column Name

Datatype

Comment

TABLE_NAME

varchar2(32)

Name of the table.

COLUMN_NAME

varchar2(255)

Name of the column

SEED

number

Current value of primary key field.

DATE_CREATED

date

Date the entry was created

DATE_MODIFIED

date

Date the entry was modified

CREATED_BY

number

User who created object

MODIFIED_BY

number

User who last modified object

7.1.41 ESEC_UUID_UUID_ASSOC_RPT_V

This view contains information about object relationships. Used internally by Sentinel and not for reporting purposes.

Column Name

Datatype

Comment

OBJECT1

varchar2(64)

Object 1

ID1

varchar2(36)

UUID for object 1

OBJECT2

varchar2(64)

Object 2

ID2

varchar2(36)

UUID for object 2

DATE_CREATED

date

Date the entry was created

DATE_MODIFIED

date

Date the entry was modified

CREATED_BY

number(38,0)

User who created object

MODIFIED_BY

number(38,0)

User who last modified object

7.1.42 EVENTS_ALL_RPT_V (legacy view)

This view is provided for backward compatibility. View contains current and historical events (events imported from archives).

7.1.43 EVENTS_ALL_RPT_V1 (legacy view)

This view is provided for backward compatibility. New reports should use EVENTS_RPT_V2. View contains current events.

7.1.44 EVENTS_RPT_V (legacy view)

This view is provided for backward compatibility. New reports should use EVENTS_RPT_V2. View contains current and historical events.

7.1.45 EVENTS_RPT_V1 (legacy view)

This view is provided for backward compatibility. New reports should use EVENT_ALL_RPT_V. View contains current events.

7.1.46 EVENTS_RPT_V2

This is the primary reporting view for Sentinel 6.0. This view contains current event and historical events. It is included for legacy reports but has been replaced in Sentinel 6.1 with EVENTS_RPT_V3.

Column Name

Datatype

Comment

EVENT_ID

varchar2(36)

Event identifier

RESOURCE_NAME

varchar2(255)

Resource name

SUB_RESOURCE

varchar2(255)

Subresource name

SEVERITY

integer

Event severity

EVENT_PARSE_TIME

date

Event time

EVENT_DATETIME

date

Event time

EVENT_DEVICE_TIME

date

Event device time

SENTINEL_PROCESS_TIME

date

Sentinel process time

BEGIN_TIME

date

Events begin time

END_TIME

date

Events end time

REPEAT_COUNT

integer

Events repeat count

DESTINATION_PORT_INT

integer

Destination port (integer)

SOURCE_PORT_INT

integer

Source port (integer)

BASE_MESSAGE

varchar2(4000)

Base message

EVENT_NAME

varchar2(255)

Name of the event as reported by the sensor

EVENT_TIME

varchar2(255)

Event time as reported by the sensor

CUST_ID

integer

Customer identifier

SOURCE_ASSET_ID

integer

Source asset identifier

DESTINATION_ASSET_ID

integer

Destination asset identifier

AGENT_ID

integer

Collector identifier

PROTOCOL_ID

integer

Protocol identifier

ARCHIVE_ID

integer

Archive identifier

SOURCE_IP

integer

Source IP address in numeric format

SOURCE_IP_DOTTED

varchar2(16)

Source IP in dotted format

SOURCE_HOST_NAME

varchar2(255)

Source host name

SOURCE_PORT

varchar2(32)

Source port

DESTINATION_IP

integer

Destination IP address in numeric format

DESTINATION_IP_DOTTED

varchar2(16)

Destination in dotted format

DESTINATION_HOST_NAME

varchar2(255)

Destination host name

DESTINATION_PORT

varchar2(32)

Destination port

SOURCE_USER_NAME

varchar2(255)

Source user name

DESTINATION_USER_NAME

varchar2(255)

Destination user name

FILE_NAME

varchar2(1000)

File name

EXTENDED_INFO

varchar2(1000)

Extended information

CUSTOM_TAG_1

varchar2(255)

Customer Tag 1

CUSTOM_TAG 2

varchar2(255)

Customer Tag 2

CUSTOM_TAG 3

integer

Customer Tag 3

RESERVED_TAG_1

varchar2(255)

Reserved Tag 1

Reserved for future use by Novell. This field is used for Advisor information concerning attack descriptions.

RESERVED_TAG_2

varchar2(255)

Reserved for future use by Novell. Use of this field for any other purpose might result in data being overwritten by future functionality.

RESERVED_TAG_3

integer

Reserved for future use by Novell. Use of this field for any other purpose might result in data being overwritten by future functionality.

VULNERABILITY_RATING

integer

Vulnerability rating

CRITICALITY_RATING

integer

Criticality rating

DATE_CREATED

date

Date the entry was created

DATE_MODIFIED

date

Date the entry was modified

CREATED_BY

integer

User who created object

MODIFIED_BY

integer

User who last modified object

RV01 - 10

integer

Reserved Value 1 - 10

Reserved for future use by Novell. Use of this field for any other purpose might result in data being overwritten by future functionality.

RV11 - 20

date

Reserved Value 1 - 31

Reserved for future use by Novell. Use of this field for any other purpose might result in data being overwritten by future functionality.

RV21 - 25

varchar2(36)

Reserved Value 21 - 25

Reserved for future use by Novell to store UUIDs. Use of this field for any other purpose might result in data being overwritten by future functionality.

RV26 - 31

varchar2(255)

Reserved Value 26 - 31

Reserved for future use by Novell. Use of this field for any other purpose might result in data being overwritten by future functionality.

RV33

varchar2(255)

Reserved Value 33

Reserved for EventContex

Use of this field for any other purpose might result in data being overwritten by future functionality.

RV34

varchar2(255)

Reserved Value 34

Reserved for SourceThreatLevel

Use of this field for any other purpose might result in data being overwritten by future functionality.

RV35

varchar2(255)

Reserved Value 35

Reserved for SourceUserContext.

Use of this field for any other purpose might result in data being overwritten by future functionality.

RV36

varchar2(255)

Reserved Value 36

Reserved for DataContext.

Use of this field for any other purpose might result in data being overwritten by future functionality.

RV37

varchar2(255)

Reserved Value 37

Reserved for SourceFunction.

Use of this field for any other purpose might result in data being overwritten by future functionality.

RV38

varchar2(255)

Reserved Value 38

Reserved for SourceOperationalContext.

Use of this field for any other purpose might result in data being overwritten by future functionality.

RV40 - 43

varchar2(255)

Reserved Value 40 - 43

Reserved for future use by Novell. Use of this field for any other purpose might result in data being overwritten by future functionality.

RV44

varchar2(255)

Reserved Value 44

Reserved for DestinationThreatLevel.

Use of this field for any other purpose might result in data being overwritten by future functionality.

RV45

varchar2(255)

Reserved Value 45

Reserved for DestinationUserContext.

Use of this field for any other purpose might result in data being overwritten by future functionality.

RV46

varchar2(255)

Reserved Value 46

Reserved for VirusStatus.

Use of this field for any other purpose might result in data being overwritten by future functionality.

RV47

varchar2(255)

Reserved Value 47

Reserved for future use by Novell. Use of this field for any other purpose might result in

data being overwritten by future functionality.

RV48

varchar2(255)

Reserved Value 48

Reserved for DestinationOperationalContext.

Use of this field for any other purpose might result in data being overwritten by future functionality.

RV49

varchar2(255)

Reserved Value 49

Reserved for future use by Novell. Use of this field for any other purpose might result in data being overwritten by future functionality.

TAXONOMY_ID

integer

REFERENCE_ID_01 - 20

integer

Reserved for future use by Novell. Use of this field for any other purpose might result in data being overwritten by future functionality.

CV01 - 10

integer

Custom Value 1 - 10

Reserved for use by Customer, typically for association of Business relevant data

CV11 - 20

date

Custom Value 11 - 20

Reserved for use by Customer, typically for association of Business relevant data

CV21 - 29

varchar2(255)

Custom Value 21 – 100

Reserved for use by Customer, typically for association of Business relevant data

CV30 - 34

varchar2(4000)

CV35 – 100

varchar2(255)

7.1.47 EVENTS_RPT_V3

This is the primary reporting view for Sentinel 6.1. This view contains current event and historical events. It is included for legacy reports.

Column Name

Datatype

Comment

EVENT_ID

varchar2(36)

Event identifier

RESOURCE_NAME

varchar2(255)

SUB_RESOURCE

varchar2(255)

Subresource name

SEVERITY

number(38,0)

Event severity

EVENT_PARSE_TIME

date

Event time

EVENT_DATETIME

date

EVENT_DEVICE_TIME

date

Event device time

SENTINEL_PROCESS_TIME

date

Sentinel process time

BEGIN_TIME

date

Events begin time

END_TIME

date

Events end time

REPEAT_COUNT

number(38,0)

TARGET_SERVICE_PORT

number(38,0)

Target service port

INIT_SERVICE_PORT

number(38,0)

BASE_MESSAGE

varchar2(4000)

EVENT_NAME

varchar2(255)

EVENT_TIME

varchar2(255)

Event time

CUST_ID

number(38,0)

INIT_ASSET_ID

number(38,0)

Initiator asset identifier

TARGET_ASSET_ID

number(38,0)

Target asset identifier

AGENT_ID

number(38,0)

PROTOCOL_ID

number(38,0)

ARCHIVE_ID

number(38,0)

INIT_IP

number(38,0)

INIT_IP_DOTTED

varchar2(4000)

INIT_HOST_NAME

varchar2(255)

INIT_SERVICE_PORT_NAME

varchar2(32)

TARGET_IP

number(38,0)

TARGET_IP_DOTTED

varchar2(4000)

TARGET_HOST_NAME

varchar2(255)

TARGET_SERVICE_PORT_NAME

varchar2(32)

INIT_USER_NAME

varchar2(255)

The initiating user's account name (SourceUsername).

TARGET_USER_NAME

varchar2(255)

FILE_NAME

varchar2(1000)

EXTENDED_INFO

varchar2(1000)

CUSTOM_TAG_1

varchar2(255)

Customer Tag 1

CUSTOM_TAG_2

varchar2(255)

Customer Tag 2

CUSTOM_TAG_3

number(38,0)

Customer Tag 3

RESERVED_TAG_1

varchar2(255)

RESERVED_TAG_2

varchar2(255)

RESERVED_TAG_3

number(38,0)

VULNERABILITY_RATING

number(38,0)

CRITICALITY_RATING

number(38,0)

DATE_CREATED

date

Date the entry was created

DATE_MODIFIED

date

Date the entry was modified

CREATED_BY

number(38,0)

User who created object

MODIFIED_BY

number(38,0)

User who last modified object

RV01

number(38,0)

EVENT_METRIC

number(38,0)

Event metric

DATA_TAG_ID

number(38,0)

Data tag ID

RV04-RV10

number(38,0)

RV11-RV20

date

RV21- RV28

varchar2(255)

INIT_IP_COUNTRY

varchar2(255)

TARGET_IP_COUNTRY

varchar2(255)

RV31

varchar2(255)

RV33

varchar2(255)

INIT_THREAT_LEVEL

varchar2(255)

Initiator threat level

INIT_USER_DOMAIN

varchar2(255)

The domain (namespace) in which the initiating account exists.

RV36

varchar2(255)

INIT_FUNCTION

varchar2(255)

Initiator function

INIT_OPERATIONAL_CONTEXT

varchar2(255)

Initiator operational context

RV40

varchar2(255)

TARGET_HOST_DOMAIN

varchar2(255)

Target host domain

INIT_HOST_DOMAIN

varchar2(255)

RV43

varchar2(255)

TARGET_THREAT_LEVEL

varchar2(255)

Target threat level

TARGET_USER_DOMAIN

varchar2(255)

Target user domain

RV46

varchar2(255)

TARGET_FUNCTION

varchar2(255)

Target function

TARGET_OPERATIONAL_CONEXT

varchar2(255)

Target operational context

RV49

varchar2(255)

TAXONOMY_ID

number(38,0)

Taxonomy identifier

REFERENCE_ID_01-REFERENCE_ID_20

number(38,0)

CV01-CV10

number(38,0)

CV11-CV20

date

CV21- CV29

varchar2(255)

CV30- CV34

varchar2(4000)

CV35- CV100

varchar2(255)

INIT_USER_ID

varchar2(255)

The initiating account's source-specific identifier as determined by the Collector based on raw device data.

INIT_USER_IDENTITY

varchar2(36)

The internal UUID of the identity associated with the initiating account.

TARGET_USER_ID

varchar2(255)

Target user ID

TARGET_USER_IDENTITY

varchar2(36)

Target user identity

EFFECTIVE_USER_NAME

varchar2(255)

Effective user name

EFFECTIVE_USER_ID

varchar2(255)

Effective user ID

EFFECTIVE_USER_DOMAIN

varchar2(255)

Effective user domain

TARGET_TRUST_NAME

varchar2(255)

Target trust name

TARGET_TRUST_ID

varchar2(255)

Target trust ID

TARGET_TRUST_DOMAIN

varchar2(255)

Target trust domain

OBSERVER_IP

number(38,0)

Observer IP address in numeric format

REPORTER_IP

number(38,0)

Reporter IP address in numeric format

OBSERVER_HOST_DOMAIN

varchar2(255)

Observer host domain

REPORTER_HOST_DOMAIN

varchar2(255)

Reporter host domain

OBSERVER_ASSET_ID

varchar2(255)

Observer asset identifier

REPORTER_ASSET_ID

varchar2(255)

Reporter asset identifier

INIT_SERVICE_COMP

varchar2(255)

Initiator service component

TARGET_SERVICE_COMP

varchar2(255)

Target service component

EVENT_GROUP_ID

varchar2(255)

CUSTOMER_VAR_101-CUSTOMER_VAR_110

number(38,0)

CUSTOMER_VAR_111-CUSTOMER_VAR_120

date

CUSTOMER_VAR_121-CUSTOMER_VAR_130

varchar2(36)

CUSTOMER_VAR_131-CUSTOMER_VAR_140

number(38,0)

CUSTOMER_VAR_141-CUSTOMER_VAR_150

varchar2(255)

7.1.48 EVT_AGENT_RPT_V

View references EVT_AGENT table that stores information about Collectors.

Column Name

Datatype

Comment

AGENT_ID

number(38)

Collector identifier

CUST_ID

number(38)

AGENT

varchar2(64)

Collector name

PORT

varchar2(64)

Collector port

REPORT_NAME

varchar2(255)

Reporter name

PRODUCT_NAME

varchar2(255)

Product name

SENSOR_NAME

varchar2(255)

Sensor name

SENSOR_TYPE

varchar2(5)

Sensor type:

H - host-based

N - network-based

V - virus

O – other

DEVICE_CATEGORY

varchar2(255)

Device category

SOURCE_UUID

varchar2(36)

Source component Universal Unique Identifier (UUID)

DATE_CREATED

date

Date the entry was created

DATE_MODIFIED

date

Date the entry was modified

CREATED_BY

number(38)

User who created object

MODIFIED_BY

number(38)

User who last modified object

7.1.49 EVT_AGENT_RPT_V3

View references EVT_AGENT table that stores information about Collectors. The column names in this view reflects the name change of Sensor to Observer. This view is designed for use in Sentinel 6.1.

Column Name

Datatype

Comment

AGENT_ID

number(38,0)

Collector identifier

CUST_ID

number(38,0)

Customer identifier

AGENT

varchar2(64)

Collector

PORT

varchar2(64)

Port

REPORTER_HOST_NAME

varchar2(255)

Reporter host name

PRODUCT_NAME

varchar2(255)

OBSERVER_HOST_NAME

varchar2(255)

SENSOR_TYPE

varchar2(5)

Sensor type:

H - host-based

N - network-based

V - virus

O - other

DEVICE_CATEGORY

varchar2(255)

Device category

SOURCE_UUID

varchar2(36)

Source component Universal Unique Identifier (UUID)

DATE_CREATED

date

Date the entry was created

DATE_MODIFIED

date

Date the entry was modified

CREATED_BY

number(38,0)

User who created object

MODIFIED_BY

number(38,0)

User who last modified object

7.1.50 EVT_ASSET_RPT_V

View references EVT_ASSET table that stores asset information.

Column Name

Datatype

Comment

EVENT_ASSET_ID

number(38)

Event asset identifier

CUST_ID

number(38)

Customer identifier

ASSET_NAME

varchar2(255)

Asset name

PHYSICAL_ASSET_NAME

varchar2(255)

Physical asset name

REFERENCE_ASSET_ID

varchar2(100)

Reference asset identifier, links to source asset management system.

MAC_ADDRESS

varchar2(100)

MAC address

RACK_NUMBER

varchar2(50)

Rack number

ROOM_NAME

varchar2(100)

Room name

BUILDING_NAME

varchar2(255)

Building name

CITY

varchar2(100)

City

STATE

varchar2(100)

State

COUNTRY

varchar2(100)

Country

ZIP_CODE

varchar2(50)

Zip code

ASSET_CATEGORY_NAME

varchar2(100)

Asset category name

NETWORK_IDENTITY_NAME

varchar2(255)

Asset network identity name

ENVIRONMENT_IDENTITY_NAME

varchar2(255)

Environment name

ASSET_VALUE_NAME

varchar2(50)

Asset value name

CRITICALITY_NAME

varchar2(50)

Asset criticality name

SENSITIVITY_NAME

varchar2(50)

Asset sensitivity name

CONTACT_NAME_1

varchar2(255)

Name of contact person/organization 1

CONTACT_NAME_2

varchar2(255)

Name of contact person/organization 2

ORGANIZATION_NAME_1

varchar2(100)

Asset owner organization level 1

ORGANIZATION_NAME_2

varchar2(100)

Asset owner organization level 2

ORGANIZATION_NAME_3

varchar2(100)

Asset owner organization level 3

ORGANIZATION_NAME_4

varchar2(100)

Asset owner organization level 4

DATE_CREATED

date

Date the entry was created

DATE_MODIFIED

date

Date the entry was modified

CREATED_BY

number(38)

User who created object

MODIFIED_BY

number(38)

User who last modified object

7.1.51 EVT_ASSET_RPT_V3

View references EVT_ASSET table that stores asset information. This view is designed for Sentinel 6.1.

Column Name

Datatype

Comment

ASSET_CRITICALITY

varchar2(50)

ASSET_CLASS

varchar2(100)

ASSET_FUNCTION

varchar2(255)

ASSET_DEPARTMENT

varchar2(100)

Asset department

DATE_CREATED

Date

Date the entry was created

DATE_MODIFIED

Date

Date the entry was modified

CREATED_BY

number(38,0)

User who created object

MODIFIED_BY

number(38,0)

User who last modified object

7.1.52 EVT_DEST_EVT_NAME_SMRY_1_RPT_V

View summarizes event count by destination, taxonomy, event name, severity and event time.

Column Name

Datatype

Comment

DESTINATION_IP

number(38)

Destination IP address

DESTINATION_EVENT_ASSET_ID

number(38)

Event asset identifier

TAXONOMY_ID

number(38)

Taxonomy identifier

EVENT_NAME_ID

number(38)

Event name identifier

SEVERITY

number(38)

Event severity

CUST_ID

number(38)

Customer identifier

EVENT_TIME

date

Event time

EVENT_COUNT

number(38)

Event count

DATE_CREATED

date

Date the entry was created

DATE_MODIFIED

date

Date the entry was modified

CREATED_BY

number(38)

User who created object

MODIFIED_BY

number(38)

User who last modified object

DESTINATION_HOST_NAME

varchar2(255)

7.1.53 EVT_DEST_SMRY_1_RPT_V

View contains event destination summary information.

Column Name

Datatype

Comment

DESTINATION_IP

number(38)

Destination IP address

DESTINATION_EVENT_ASSET_ID

number(38)

Event asset identifier

DESTINATION_PORT

varchar2(32)

Destination port

DESTINATION_USER_ID

number(38)

Destination user identifier

TAXONOMY_ID

number(38)

Taxonomy identifier

EVENT_NAME_ID

number(38)

Event name identifier

RESOURCE_ID

number(38)

Resource identifier

AGENT_ID

number(38)

Collector identifier

PROTOCOL_ID

number(38)

Protocol identifier

SEVERITY

number(38)

Event severity

CUST_ID

number(38)

Customer identifier

EVENT_TIME

date

Event time

EVENT_COUNT

number(38)

Event count

DATE_CREATED

date

Date the entry was created

DATE_MODIFIED

date

Date the entry was modified

CREATED_BY

number(38)

User who created object

MODIFIED_BY

number(38)

User who last modified object

DESTINATION_HOST_NAME

varchar2(255)

7.1.54 EVT_DEST_TXNMY_SMRY_1_RPT_V

View summarizes event count by destination, taxonomy, severity and event time.

Column Name

Datatype

Comment

DESTINATION_IP

number(38)

Destination IP address

DESTINATION_EVENT_ASSET_ID

number(38)

Event asset identifier

TAXONOMY_ID

number(38)

Taxonomy identifier

SEVERITY

number(38)

Event severity

CUST_ID

number(38)

Customer identifier

EVENT_TIME

date

Event time

EVENT_COUNT

number(38)

Event count

DATE_CREATED

date

Date the entry was created

DATE_MODIFIED

date

Date the entry was modified

CREATED_BY

number(38)

User who created object

MODIFIED_BY

number(38)

User who last modified object

DESTINATION_HOST_NAME

varchar2(255)

7.1.55 EVT_NAME_RPT_V

View references EVT_NAME table that stores event name information.

Column Name

Datatype

Comment

EVENT_NAME_ID

number(38)

Event name identifier

EVENT_NAME

varchar2(255)

Event name

DATE_CREATED

date

Date the entry was created

DATE_MODIFIED

date

Date the entry was modified

CREATED_BY

number(38)

User who created object

MODIFIED_BY

number(38)

User who last modified object

7.1.56 EVT_PORT_SMRY_1_RPT_V

View summarizes event count by destination port, severity and event time.

Column Name

Datatype

Comment

DESTINATION_PORT

varchar2(32)

Destination port

SEVERITY

number(38)

Event severity

CUST_ID

number(38)

Customer identifier

EVENT_TIME

date

Event time

EVENT_COUNT

number(38)

Event count

DATE_CREATED

date

Date the entry was created

DATE_MODIFIED

date

Date the entry was modified

CREATED_BY

number(38)

User who created object

MODIFIED_BY

number(38)

User who last modified object

7.1.57 EVT_PRTCL_RPT_V

View references EVT_PRTCL table that stores event protocol information.

Column Name

Datatype

Comment

PROTOCOL_ID

number(38)

Protocol identifier

PROTOCOL_NAME

varchar2(255)

Protocol name

DATE_CREATED

date

Date the entry was created

DATE_MODIFIED

date

Date the entry was modified

CREATED_BY

number(38)

User who created object

MODIFIED_BY

number(38)

User who last modified object

7.1.58 EVT_PRTCL_RPT_V3

View references EVT_PRTCL table that stores event protocol information.

Column Name

Datatype

Comment

PROTOCOL_ID

number(38,0)

Protocol identifier

PROTOCOL

varchar2(255)

Protocol name

DATE_CREATED

date

Date the entry was created

DATE_MODIFIED

date

Date the entry was modified

CREATED_BY

number(38,0)

User who created object

MODIFIED_BY

number(38,0)

User who last modified object

7.1.59 EVT_RSRC_RPT_V

View references EVT_RSRC table that stores event resource information.

Column Name

Datatype

Comment

RESOURCE_ID

number(38)

Resource identifier

CUST_ID

number(38)

Customer Identifier

RESOURCE_NAME

varchar2(255)

Resource name

SUB_RESOURCE_NAME

varchar2(255)

Subresource name

DATE_CREATED

date

Date the entry was created

DATE_MODIFIED

date

Date the entry was modified

CREATED_BY

number(38)

User who created object

MODIFIED_BY

number(38)

User who last modified object

7.1.60 EVT_SEV_SMRY_1_RPT_V

View summarizes event count by severity and event time.

Column Name

Datatype

Comment

SEVERITY

number(38)

Event severity

CUST_ID

number(38)

Customer identifier

EVENT_TIME

date

Event time

EVENT_COUNT

number(38)

Event count

DATE_CREATED

date

Date the entry was created

DATE_MODIFIED

date

Date the entry was modified

CREATED_BY

number(38)

User who created object

MODIFIED_BY

number(38)

User who last modified object

7.1.61 EVT_SRC_COLLECTOR_RPT_V

View contains information about the Event Source Management configuration.

Column Name

Datatype

Comment

EVT_SRC_COLLECTOR_ID

varchar2(36)

Event source collector identifier

SENTINEL_PLUGIN_ID

varchar2(36)

Sentinel plug-in identifier

EVT_SRC_MGR_ID

varchar2(36)

Event source manager identifier

EVT_SRC_COLLECTOR_NAME

varchar2(255)

Event source collector name

STATE_IND

number(1,0)

State indicator

EVT_SRC_COLLECTOR_PROPS

clob

Event source collector prop

MAP_FILTER

clob

Map filter

CREATED_BY

number(38,0)

User who created object

MODIFIED_BY

number(38,0)

User who last modified object

DATE_CREATED

date

Date the entry was created

DATE_MODIFIED

date

Date the entry was modified

7.1.62 EVT_SRC_GRP_RPT_V

View contains information about the Event Source Management configuration.

Column Name

Datatype

Comment

EVT_SRC_GRP_ID

varchar2(36)

Event source group identifier

EVT_SRC_COLLECTOR_ID

varchar2(36)

Event source collector identifier

SENTINEL_PLUGIN_ID

varchar2(36)

Sentinel plug-in identifier

EVT_SRC_SRVR_ID

varchar2(36)

Event source server identifier

EVT_SRC_GRP_NAME

varchar2(255)

Event source group name

STATE_IND

number(1,0)

State indicator

EVT_SRC_DEFAULT_CONFIG

clob

Event source default configuration

MAP_FILTER

clob

Map filter

CREATED_BY

number(38,0)

User who created object

MODIFIED_BY

number(38,0)

User who last modified object

DATE_CREATED

date

Date the entry was created

DATE_MODIFIED

date

Date the entry was modified

7.1.63 EVT_SRC_MGR_RPT_V

View contains information about the Event Source Management configuration.

Column Name

Datatype

Comment

EVT_SRC_MGR_ID

varchar2(36)

Event source manager identifier

SENTINEL_ID

varchar2(36)

Sentinel identifier

EVT_SRC_MGR_NAME

varchar2(255)

Event source manager name

SENTINEL_HOST_ID

varchar2(36)

Sentinel host identifier

STATE_IND

number(1,0)

State indicator

EVT_SRC_MGR_CONFIG

clob

Event source manager configuration

CREATED_BY

number(38,0)

User who created object

MODIFIED_BY

number(38,0)

User who last modified object

DATE_CREATED

date

Date the entry was created

DATE_MODIFIED

date

Date the entry was modified

7.1.64 EVT_SRC_OFFSET_RPT_V

View contains information about the Event Source Management configuration.

Column Name

Datatype

Comment

EVT_SRC_ID

varchar2(36)

Event source identifier

OFFSET_VAL

clob

Offset value

OFFSET_TIMESTAMP

date

Offset timestamp

CREATED_BY

number(38,0)

User who created object

MODIFIED_BY

number(38,0)

User who last modified object

DATE_CREATED

date

Date the entry was created

DATE_MODIFIED

date

Date the entry was modified

7.1.65 EVT_SRC_RPT_V

View contains information about the Event Source Management configuration.

Column Name

Datatype

Comment

EVT_SRC_ID

varchar2(36)

Event source identifier

EVT_SRC_NAME

varchar2(255)

Event source name

EVT_SRC_GRP_ID

varchar2(36)

Event source group identifier

STATE_IND

number(1,0)

State indicator

MAP_FILTER

clob

Map filter

EVT_SRC_CONFIG

clob

Event source configuration

CREATED_BY

number(38,0)

User who created object

MODIFIED_BY

number(38,0)

User who last modified object

DATE_CREATED

date

Date the entry was created

DATE_MODIFIED

date

Date the entry was modified

7.1.66 EVT_SRC_SMRY_1_RPT_V

View contains event source and destination summary information.

Column Name

Datatype

Comment

SOURCE_IP

number(38)

Source IP address

SOURCE_EVENT_ASSET_ID

number(38)

Source event asset identifier

SOURCE_PORT

varchar2(32)

Source port

SOURCE_USER_ID

number(38)

Source user identifier

TAXONOMY_ID

number(38)

Taxonomy identifier

EVENT_NAME_ID

number(38)

Event name identifier

RESOURCE_ID

number(38)

Resource identifier

AGENT_ID

number(38)

Collector identifier

PROTOCOL_ID

number(38)

Protocol identifier

SEVERITY

number(38)

Event severity

CUST_ID

number(38)

Customer identifier

EVENT_TIME

date

Event time

EVENT_COUNT

number(38)

Event count

DATE_CREATED

date

Date the entry was created

DATE_MODIFIED

date

Date the entry was modified

CREATED_BY

number(38)

User who created object

MODIFIED_BY

number(38)

User who last modified object

SOURCE_HOST_NAME

varchar2(255)

7.1.67 EVT_SRC_SRVR_RPT_V

View contains information about the Event Source Management configuration.

Column Name

Datatype

Comment

EVT_SRC_SRVR_ID

varchar2(36)

Event source server identifier

EVT_SRC_SRVR_NAME

varchar2(255)

Event source server name

EVT_SRC_MGR_ID

varchar2(36)

Event source manager identifier

SENTINEL_PLUGIN_ID

varchar2(36)

Sentinel plug-in identifier

STATE_IND

number(1,0)

State indicator

EVT_SRC_SRVR_CONFIG

clob

Event source server configuration

CREATED_BY

number(38,0)

User who created object

MODIFIED_BY

number(38,0)

User who last modified object

DATE_CREATED

date

Date the entry was created

DATE_MODIFIED

date

Date the entry was modified

7.1.68 EVT_TXNMY_RPT_V

View references EVT_TXNMY table that stores event taxonomy information.

Column Name

Datatype

Comment

TAXONOMY_ID

number(38)

Taxonomy identifier

TAXONOMY_LEVEL_1

varchar2(100)

Taxonomy level 1

TAXONOMY_LEVEL_2

varchar2(100)

Taxonomy level 2

TAXONOMY_LEVEL_3

varchar2(100)

Taxonomy level 3

TAXONOMY_LEVEL_4

varchar2(100)

Taxonomy level 4

DEVICE_CATEGORY

varchar2(255)

DATE_CREATED

date

Date the entry was created

DATE_MODIFIED

date

Date the entry was modified

CREATED_BY

number(38)

User who created object

MODIFIED_BY

number(38)

User who last modified object

7.1.69 EVT_USR_RPT_V

View references EVT_USR table that stores event user information.

Column Name

Datatype

Comment

USER_ID

number(38)

User identifier

USER_NAME

varchar2(255)

User name

USER_DOMAIN

varchar2(255)

CUST_ID

number(38)

Customer identifier

DATE_CREATED

date

Date the entry was created

DATE_MODIFIED

date

Date the entry was modified

CREATED_BY

number(38)

User who created object

MODIFIED_BY

number(38)

User who last modified object

7.1.70 EVT_XDAS_TXNMY_RPT_V

Column Name

Datatype

Comment

EVENT_TAXONOMY

varchar2(255)

Event taxonomy name

EVENT_OUTCOME

varchar2(255)

Event outcome name

XDAS_REGISTRY

number(38,0)

XDAS registry

XDAS_PROVIDER

number(38,0)

XDAS provider

XDAS_CLASS

number(38,0)

XDAS class

XDAS_IDENTIFIER

number(38,0)

XDAS identifier

XDAS_OUTCOME

number(38,0)

XDAS outcome

XDAS_DETAIL

number(38,0)

XDAS detail

XDAS_TAXONOMY_ID

number(38,0)

XDAS taxonomy identifier

DATE_CREATED

date

Date the entry was created

DATE_MODIFIED

date

Date the entry was modified

CREATED_BY

number(38,0)

User who created object

MODIFIED_BY

number(38,0)

User who last modified object

7.1.71 EXTERNAL_DATA_RPT_V

View references EXTERNAL_DATA table that stores external data.

Column Name

Datatype

Comment

EXTERNAL_DATA_ID

number

External data identifier

SOURCE_NAME

varchar2(50)

Source name

SOURCE_DATA_ID

varchar2(255)

Source data identifier

EXTERNAL_DATA

clob

External data

EXTERNAL_DATA_TYPE

varchar2(10)

External data type

DATE_CREATED

date

Date the entry was created

DATE_MODIFIED

date

Date the entry was modified

CREATED_BY

number

User who created object

MODIFIED_BY

number

User who last modified object

7.1.72 HIST_CORRELATED_EVENTS_RPT_V (legacy view)

This view is provided for backward compatibility. New report should use CORRELATED_EVENTS_RPT_V1 instead.

7.1.73 HIST_EVENTS_RPT_V (legacy view)

This view is provided for backward compatibility. Sentinel 6.0 reports should use EVENTS_RPT_V2 instead. Sentinel 6.1 reports should use EVENTS_RPT_V3 instead.

7.1.74 IMAGES_RPT_V

View references IMAGES table that stores system overview image information.

Column Name

Datatype

Comment

NAME

varchar2(128)

Image name

TYPE

varchar2(64)

Image type

DATA

clob

Image data

DATE_CREATED

date

Date the entry was created

DATE_MODIFIED

date

Date the entry was modified

CREATED_BY

number

User who created object

MODIFIED_BY

number

User who last modified object

7.1.75 INCIDENTS_ASSETS_RPT_V

View references INCIDENTS_ASSETS table that stores information about the assets that makeup incidents created in the Sentinel Console.

Column Name

Datatype

Comment

INC_ID

number

Incident identifier – sequence number

ASSET_ID

varchar2(36)

Asset Universal Unique Identifier (UUID)

DATE_CREATED

date

Date the entry was created

DATE_MODIFIED

date

Date the entry was modified

CREATED_BY

number

User who created object

MODIFIED_BY

number

User who last modified object

7.1.76 INCIDENTS_EVENTS_RPT_V

View references INCIDENTS_EVENTS table that stores information about the events that makeup incidents created in the Sentinel Console.

Column Name

Datatype

Comment

INC_ID

number

Incident identifier – sequence number

EVT_ID

varchar2(36)

Event Universal Unique Identifier (UUID)

EVT_TIME

date

Event time

DATE_CREATED

date

Date the entry was created

DATE_MODIFIED

date

Date the entry was modified

CREATED_BY

number

User who created object

MODIFIED_BY

number

User who last modified object

7.1.77 INCIDENTS_RPT_V

View references INCIDENTS table that stores information describing the details of incidents created in the Sentinel Console.

Column Name

Datatype

Comment

INC_ID

number

Incident identifier – sequence number

NAME

varchar2(255)

Incident name

SEVERITY

number

Incident severity

STT_ID

number

Incident State ID

SEVERITY_RATING

varchar2(32)

Average of all the event severities that comprise an incident.

VULNERABILITY_RATING

varchar2(32)

Reserved for future use by Novell. Use of this field for any other purpose might result in data being overwritten by future functionality.

CRITICALITY_RATING

varchar2(32)

Reserved for future use by Novell. Use of this field for any other purpose might result in data being overwritten by future functionality.

DATE_CREATED

date

Date the entry was created

DATE_MODIFIED

date

Date the entry was modified

CREATED_BY

number

User who created object

MODIFIED_BY

number

User who last modified object

INC_DESC

varchar2(4000)

Incident description

INC_CAT

varchar2(255)

Incident category

INC_PRIORITY

number

Incident priority

INC_RES

varchar2(4000)

Incident resolution

7.1.78 INCIDENTS_VULN_RPT_V

View references INCIDENTS_VULN table that stores information about the vulnerabilities that makeup incidents created in the Sentinel Console.

Column Name

Datatype

Comment

INC_ID

number

Incident identifier – sequence number

VULN_ID

varchar2(36)

Vulnerability Universal Unique Identifier (UUID)

DATE_CREATED

date

Date the entry was created

DATE_MODIFIED

date

Date the entry was modified

CREATED_BY

number

User who created object

MODIFIED_BY

number

User who last modified object

7.1.79 L_STAT_RPT_V

View references L_STAT table that stores statistical information.

Column Name

Datatype

Comment

RES_NAME

varchar2(32)

Resource name

STATS_NAME

varchar2(32)

Statistic name

STATS_VALUE

varchar2(32)

Value of the statistic

OPEN_TOT_SECS

number(38)

Number of seconds since 1970.

7.1.80 LOGS_RPT_V

View references LOGS_RPT table that stores logging information.

Column Name

Datatype

Comment

LOG_ID

number

Sequence number

TIME

date

Date of Log

MODULE

varchar2(64)

Module log is for

TEXT

varchar2(4000)

Log text

7.1.81 MSSP_ASSOCIATIONS_V

View references MSSP_ASSOCIATIONS table that associates an number key in one table to a UUID in another table.

Column Name

Datatype

Comment

TABLE1

varchar2(64)

Table name 1

ID1

number(38)

ID1

TABLE2

varchar2(64)

Table name 2

ID2

varchar2(36)

ID2

DATE_CREATED

date

Date the entry was created

DATE_MODIFIED

date

Date the entry was modified

CREATED_BY

number

User who created object

MODIFIED_BY

number

User who last modified object

7.1.82 NETWORK_IDENTITY_RPT_V

View references NETWORK_IDENTITY_LKUP table that stores asset network identity information.

Column Name

Datatype

Comment

NETWORK_IDENTITY_ID

number(38)

Network identity code

NETWORK_IDENTITY_NAME

varchar2(255)

Network identify name

DATE_CREATED

date

Date the entry was created

DATE_MODIFIED

date

Date the entry was modified

CREATED_BY

number(38)

User who created object

MODIFIED_BY

number(38)

User who last modified object

7.1.83 ORGANIZATION_RPT_V

View references ORGANIZATION table that stores organization (asset) information.

Column Name

Datatype

Comment

ORGANIZATION_ID

varchar2(36)

Organization identifier

ORGANIZATION_NAME

varchar2(100)

Organization name

CUST_ID

number(38)

Customer identifier

DATE_CREATED

date

Date the entry was created

DATE_MODIFIED

date

Date the entry was modified

CREATED_BY

number(38)

User who created object

MODIFIED_BY

number(38)

User who last modified object

7.1.84 PERSON_RPT_V

View references PERSION table that stores personal (asset) information.

Column Name

Datatype

Comment

PERSON_ID

varchar2(36)

Person identifier

FIRST_NAME

varchar2(255)

First name

LAST_NAME

varchar2(255)

Last name

CUST_ID

number(38)

Customer identifier

PHONE_NUMBER

varchar2(50)

Phone number

EMAIL_ADDRESS

varchar2(255)

E-mail address

DATE_CREATED

date

Date the entry was created

DATE_MODIFIED

date

Date the entry was modified

CREATED_BY

number(38)

User who created object

MODIFIED_BY

number(38)

User who last modified object

7.1.85 PHYSICAL_ASSET_RPT_V

View references PHYSICAL_ASSET table that stores physical asset information.

Column Name

Datatype

Comment

PHYSICAL_ASSET_ID

varchar2(36)

Physical asset identifier

CUST_ID

number(38)

Customer identifier

HOST_NAME

varchar2(255)

Host name

IP_ADDRESS

number(38)

IP address

LOCATION_ID

number(38)

Location identifier

NETWORK_IDENTITY_ID

number(38)

Network identity code

MAC_ADDRESS

varchar2(100)

MAC address

RACK_NUMBER

varchar2(50)

Rack number

ROOM_NAME

varchar2(100)

Room name

DATE_CREATED

date

Date the entry was created

DATE_MODIFIED

date

Date the entry was modified

CREATED_BY

number(38)

User who created object

MODIFIED_BY

number(38)

User who last modified object

7.1.86 PRODUCT_RPT_V

View references PRDT table that stores asset product information.

Column Name

Datatype

Comment

PRODUCT_ID

number(38)

Product identifier

PRODUCT_NAME

varchar2(255)

Product name

PRODUCT_VERSION

varchar2(100)

Product version

VENDOR_ID

number(38)

Vendor identifier

DATE_CREATED

date

Date the entry was created

DATE_MODIFIED

date

Date the entry was modified

CREATED_BY

number(38)

User who created object

MODIFIED_BY

number(38)

User who last modified object

7.1.87 ROLE_RPT_V

View references ROLE_LKUP table that stores user role (asset) information.

Column Name

Datatype

Comment

ROLE_CODE

varchar2(5)

Role code

ROLE_NAME

varchar2(255)

Role name

DATE_CREATED

date

Date the entry was created

DATE_MODIFIED

date

Date the entry was modified

CREATED_BY

number(38)

User who created object

MODIFIED_BY

number(38)

User who last modified object

7.1.88 RPT_LABELS_RPT_V

View contains report label translations.

Column Name

Datatype

Comment

RPT_NAME

varchar2(100)

Report name

LABEL_1 - 35

varchar2(2000)

Translated report labels

7.1.89 SENSITIVITY_RPT_V

View references SENSITIVITY_LKUP table that stores asset sensitivity information.

Column Name

Datatype

Comment

SENSITIVITY_ID

number(38)

Asset sensitivity code

SENSITIVITY_NAME

varchar2(50)

Asset sensitivity name

DATE_CREATED

date

Date the entry was created

DATE_MODIFIED

date

Date the entry was modified

CREATED_BY

number(38)

User who created object

MODIFIED_BY

number(38)

User who last modified object

7.1.90 SENTINEL_HOST_RPT_V

View contains data used internally by Sentinel.

Column Name

Datatype

Comment

SENTINEL_HOST_ID

varchar2(36)

Sentinel host identifier

SENTINEL_ID

varchar2(36)

Sentinel identifier

SENTINEL_HOST_NAME

varchar2(255)

Sentinel host name

HOST_NAME

varchar2(255)

Host name

IP_ADDR

varchar2(255)

Host IP address

HOST_OS

varchar2(255)

Host operating system

HOST_OS_VERSION

varchar2(255)

Host operating system version

MODIFIED_BY

number(38,0)

User who last modified object

CREATED_BY

number(38,0)

User who created object

DATE_CREATED

Date

Date the entry was created

DATE_MODIFIED

Date

Date the entry was modified

7.1.91 SENTINEL_PLUGIN_RPT_V

View contains data used internally by Sentinel.

Column Name

Datatype

Comment

SENTINEL_HOST_ID

varchar2(36)

Sentinel host identifier

SENTINEL_ID

varchar2(36)

Sentinel identifier

SENTINEL_HOST_NAME

varchar2(255)

Sentinel host name

HOST_NAME

varchar2(255)

Host name

IP_ADDR

varchar2(255)

Host IP address

HOST_OS

varchar2(255)

Host operating system

HOST_OS_VERSION

varchar2(255)

Host operating system version

MODIFIED_BY

number(38,0)

User who last modified object

CREATED_BY

number(38,0)

User who created object

DATE_CREATED

Date

Date the entry was created

DATE_MODIFIED

Date

Date the entry was modified

7.1.92 SENTINEL_RPT_V

View contains data used internally by Sentinel.

Column Name

Datatype

Comment

SENTINEL_ID

varchar2(36)

Sentinel identifier

SENTINEL_NAME

varchar2(255)

Sentinel name

ONLINE_IND

number(1,0)

Online indicator

STATE_IND

number(1,0)

State indicator

SENTINEL_CONFIG

clob

Sentinel configuration

CREATED_BY

number(38,0)

User who created object

MODIFIED_BY

number(38,0)

User who last modified object

DATE_CREATED

date

Date the entry was created

DATE_MODIFIED

date

Date the entry was modified

7.1.93 STATES_RPT_V

View references STATES table that stores definitions of states defined by applications or context.

Column Name

Datatype

Comment

STT_ID

number(38)

State ID – sequence number

CONTEXT

varchar2(64)

Context of the state. That is case, incident, user.

NAME

varchar2(64)

Name of the state.

TERMINAL_FLAG

varchar2(1)

Indicates if state of incident is resolved.

DATE_CREATED

date

Date the entry was created

DATE_MODIFIED

date

Date the entry was modified

MODIFIED_BY

number

User who last modified object

CREATED_BY

number

User who created object

7.1.94 UNASSIGNED_INCIDENTS_RPT_V

View references CASES and INCIDENTS tables to report on unassigned cases.

Name

Datatype

Comment

INC_ID

number

NAME

varchar2(255)

SEVERITY

number

STT_ID

number

SEVERITY_RATING

varchar2(32)

VULNERABILITY_RATING

varchar2(32)

CRITICALITY_RATING

varchar2(32)

DATE_CREATED

date

Date the entry was created

DATE_MODIFIED

date

Date the entry was modified

CREATED_BY

number

User who created object

MODIFIED_BY

number

User who last modified object

INC_DESC

varchar2(4000)

INC_CAT

varchar2(255)

INC_PRIORITY

number

INC_RES

varchar2(4000)

7.1.95 USERS_RPT_V

View references USERS table that lists all users of the application. The users will also be created as database users to accommodate 3rd party reporting tools.

Column Name

Datatype

Comment

USR_ID

number

User identifier – Sequence number

NAME

varchar2(64)

Short, unique user name used as a login

CNT_ID

number

Contact ID – Sequence number

STT_ID

number

State ID. Status is either active or inactive.

DESCRIPTION

varchar2(512)

Comments

DATE_CREATED

date

Date the entry was created

DATE_MODIFIED

date

Date the entry was modified

CREATED_BY

number

User who created object

MODIFIED_BY

number

User who last modified object

PERMISSIONS

varchar2(4000)

Permissions currently assigned to the Sentinel user

FILTER

varchar2(128)

Current security filter assigned to the Sentinel user

UPPER_NAME

varchar2(64)

User name in upper case

DOMAIN_AUTH_IND

number (1)

Domain authentication indication

7.1.96 USR_ACCOUNT_RPT_V

View contains user account information from an identity management system.

Column Name

Datatype

Comment

ACCOUNT_ID

number(38,0)

Account identifier

USER_NAME

varchar2(255)

User name

USER_DOMAIN

varchar2(255)

User domain

CUST_ID

number(38,0)

Customer identifier

BEGIN_EFFECTIVE_DATE

date

Begin effective date

END_EFFECTIVE_DATE

date

End effective date

CURRENT_F

number(1,0)

Current flag

USER_STATUS

varchar2(50)

User status

IDENTITY_GUID

varchar2(36)

Identity identifier

SOURCE_USER_ID

varchar2(100)

User ID on source system

DATE_CREATED

date

Date the entry was created

DATE_MODIFIED

date

Date the entry was modified

CREATED_BY

number(38,0)

User who created object

MODIFIED_BY

number(38,0)

User who last modified object

7.1.97 USR_IDENTITY_EXT_ATTR_RPT_V

View contains extended attributes information from an identity management system, including name value pairs in the ATTRIBUTE_NAME and ATTRIBUTE_VALUE columns.

Column Name

Datatype

Comment

IDENTITY_GUID

varchar2(36)

Identity identifier

ATTRIBUTE_NAME

varchar2(255)

Attribute name

ATTRIBUTE_VALUE

varchar2(1024)

Attribute value

7.1.98 USR_IDENTITY_RPT_V

View contains user identity information from an identity management system.

Column Name

Datatype

Comment

IDENTITY_GUID

varchar2(36)

Identity identifier

DN

varchar2(255)

Distinguished name

CUST_ID

number(38,0)

Customer identifier

SRC_IDENTITY_ID

varchar2(100)

Source identity identifier

WFID

varchar2(100)

Workforce identifier

FIRST_NAME

varchar2(255)

First name

LAST_NAME

varchar2(255)

Last name

FULL_NAME

varchar2(255)

Full name

JOB_TITLE

varchar2(255)

Job title

DEPARTMENT_NAME

varchar2(100)

Department name

OFFICE_LOC_CD

varchar2(100)

Office location code

PRIMARY_EMAIL

varchar2(255)

Primary e-mail address

PRIMARY_PHONE

varchar2(100)

Primary phone number

VAULT_NAME

varchar2(100)

Identity vault name

MGR_GUID

varchar2(36)

Manager identity identifier

PHOTO

clob

Photo

DATE_CREATED

date

Date the entry was created

DATE_MODIFIED

date

Date the entry was modified

CREATED_BY

number(38,0)

User who created object

MODIFIED_BY

number(38,0)

User who last modified object

7.1.99 VENDOR_RPT_V

View references VNDR table that stores information about asset product vendors.

Column Name

Datatype

Comment

VENDOR_ID

number(38)

Vendor identifier

VENDOR_NAME

varchar2(255)

Vendor name

DATE_CREATED

date

Date the entry was created

DATE_MODIFIED

date

Date the entry was modified

CREATED_BY

number(38)

User who created object

MODIFIED_BY

number(38)

User who last modified object

7.1.100 VULN_CALC_SEVERITY_RPT_V

View references VULN_RSRC and VULN to calculate eSecurity vulnerability severity rating base on current vulnerabilities.

Column Name

Datatype

Comment

RSRC_ID

varchar2(36)

Resource identifier

IP

varchar2(32)

IP

HOST_NAME

varchar2(255)

Host name

CRITICALITY

number

Asset criticality code

ASSIGNED_VULN_SEVERITY

number

VULN_COUNT

number

Vulnerability Count

CALC_SEVERITY

number

Calculated severity

7.1.101 VULN_CODE_RPT_V

View references VULN_CODE table that stores industry assigned vulnerability codes such as Mitre’s CVEs and CANs.

Column Name

Datatype

Comment

VULN_CODE_ID

varchar2(36)

Vulnerability code identifier

VULN_ID

varchar2(36)

Vulnerability identifier

VULN_CODE_TYPE

varchar2(64)

Vulnerability code type

VULN_CODE_VALUE

varchar2(255)

Vulnerability code value

URL

varchar2(512)

Web URL

DATE_CREATED

date

Date the entry was created

DATE_MODIFIED

date

Date the entry was modified

CREATED_BY

number

User who created object

MODIFIED_BY

number

User who last modified object

7.1.102 VULN_INFO_RPT_V

View references VULN_INFO table that stores additional information reported during a scan.

Column Name

Datatype

Comment

VULN_INFO_ID

varchar2(36)

Vulnerability info identifier

VULN_ID

varchar2(36)

Vulnerability identifier

VULN_INFO_TYPE

varchar2(36)

Vulnerability info type

VULN_INFO_VALUE

varchar2(2000)

Vulnerability info value

DATE_CREATED

date

Date the entry was created

DATE_MODIFIED

date

Date the entry was modified

CREATED_BY

number

User who created object

MODIFIED_BY

number

User who last modified object

7.1.103 VULN_RPT_V

View references VULN table that stores information of scanned system. Each scanner will have its own entry for each system.

Column Name

Datatype

Comment

VULN_ID

varchar2(36)

Vulnerability identifier

RSRC_ID

varchar2(36)

Resource identifier

PORT_NAME

varchar2(64)

Port Name

PORT_NUMBER

number

Port Number

NETWORK_PROTOCOL

number

Network Protocol

APPLICATION_PROTOCOL

varchar2(64)

Application Protocol

ASSIGNED_VULN_SEVERITY

number

COMPUTED_VULN_SEVERITY

number

VULN_DESCRIPTION

clob

Vulnerability description

VULN_SOLUTION

clob

Vulnerability solution

VULN_SUMMARY

varchar2(1000)

Vulnerability summary

BEGIN_EFFECTIVE_DATE

date

Date from which the entry is valid

END_EFFECTIVE_DATE

date

Date until which the entry is valid

DETECTED_OS

varchar2(64)

Operating system of scanned machine

DETECTED_OS_VERSION

varchar2(64)

Operating system version of scanned machine

SCANNED_APP

varchar2(64)

SCANNED_APP_VERSION

varchar2(64)

VULN_USER_NAME

varchar2(64)

Username used by scanner

VULN_USER_DOMAIN

varchar2(64)

Domain of user used by scanned

VULN_TAXONOMY

varchar2(1000)

SCANNER_CLASSIFICATION

varchar2(255)

VULN_NAME

varchar2(300)

VULN_MODULE

varchar2(64)

DATE_CREATED

date

Date the entry was created

DATE_MODIFIED

date

Date the entry was modified

CREATED_BY

number

User who created object

MODIFIED_BY

number

User who last modified object

7.1.104 VULN_RSRC_RPT_V

View references VULN_RSRC table that stores each resource scanned for a particular scan.

Column Name

Datatype

Comment

RSRC_ID

varchar2(36)

Resource identifier

SCANNER_ID

varchar2(36)

Scanner identifier

IP

varchar2(32)

IP Address

HOST_NAME

varchar2(255)

Host name

LOCATION

varchar2(128)

Location

DEPARTMENT

varchar2(128)

Department

BUSINESS_SYSTEM

varchar2(128)

Business System

OPERATIONAL_ENVIRONMENT

varchar2(64)

Operational environment

CRITICALITY

number

Criticality

REGULATION

varchar2(128)

Regulation

REGULATION_RATING

varchar2(64)

Regulation rating

DATE_CREATED

date

Date the entry was created

DATE_MODIFIED

date

Date the entry was modified

CREATED_BY

number

User who created object

MODIFIED_BY

number

User who last modified object

7.1.105 VULN_RSRC_SCAN_RPT_V

View references VULN_RSRC_SCAN table that stores each resource scanned for a particular scan.

Column Name

Datatype

Comment

RSRC_ID

varchar2(36)

Resource identifier

SCAN_ID

varchar2(36)

Vulnerability scan identifier

DATE_CREATED

date

Date the entry was created

DATE_MODIFIED

date

Date the entry was modified

CREATED_BY

number

User who created object

MODIFIED_BY

number

User who last modified object

7.1.106 VULN_SCAN_RPT_V

View references table that stores information pertaining to scans.

Column Name

Datatype

Comment

SCAN_ID

varchar2(36)

Vulnerability scan identifier

SCANNER_ID

varchar2(36)

Vulnerability scanner identifier

SCAN_TYPE

varchar2(10)

Vulnerability scan type

SCAN_START_DATE

date

Scan start date

SCAN_END_DATE

date

Scan start date

CONSOLIDATION_SERVER

varchar2(64)

Consolidation server

LOAD_STATUS

varchar2(64)

DATE_CREATED

date

Date the entry was created

DATE_MODIFIED

date

Date the entry was modified

CREATED_BY

number

User who created object

MODIFIED_BY

number

User who last modified object

7.1.107 VULN_SCAN_VULN_RPT_V

View references VULN_SCAN_VULN table that stores vulnerabilities detected during scans.

Column Name

Datatype

Comment

SCAN_ID

varchar2(36)

Vulnerability scan identifier

VULN_ID

varchar2(36)

Vulnerability identifier

DATE_CREATED

date

Date the entry was created

DATE_MODIFIED

date

Date the entry was modified

CREATED_BY

number

User who created object

MODIFIED_BY

number

User who last modified object

7.1.108 VULN_SCANNER_RPT_V

View references VULN_SCANNER table that stores information about vulnerability scanners.

Column Name

Datatype

Comment

SCANNER_ID

varchar2(36)

Vulnerability scanner identifier

PRODUCT_NAME

varchar2(100)

Product Name

PRODUCT_VERSION

varchar2(64)

Product Version

SCANNER_TYPE

varchar2(64)

Vulnerability Scanner Type

VENDOR

varchar2(100)

Vendor

SCANNER_INSTANCE

varchar2(64)

Scanner Instance

DATE_CREATED

date

Date the entry was created

DATE_MODIFIED

date

Date the entry was modified

CREATED_BY

number

User who created object

MODIFIED_BY

number

User who last modified object

7.1.109 WORKFLOW_DEF_RPT_V

Column Name

Datatype

Comment

PKG_NAME

varchar2(255)

Package name

PKG_DATA

clob

Package data

DATE_CREATED

date

Date the entry was created

DATE_MODIFIED

date

Date the entry was modified

CREATED_BY

number(38,0)

User who created object

MODIFIED_BY

number(38,0)

User who last modified object

7.1.110 WORKFLOW_INFO_RPT_V

Column Name

Datatype

Comment

INFO_ID

number(38,0)

Info identifier

PROCESS_DEF_ID

varchar2(100)

Process definition identifier

PROCESS_INSTANCE_ID

varchar2(150)

Process instance identifier

DATE_CREATED

date

Date the entry was created

DATE_MODIFIED

date

Date the entry was modified

CREATED_BY

number(38,0)

User who created object

MODIFIED_BY

number(38,0)

User who last modified object