SchemaSpy Analysis of SIEM.publicWe recommend you use the Views and not the Tables for any reports you write Generated by
SchemaSpy
Generated by SchemaSpy on Mon Mar 26 23:24 EDT 2012
Database Type: PostgreSQL - 9.0.4

XML Representation
Insertion Order Deletion Order (for database loading/purging scripts)

Table / View Children Parents Columns Rows Comments
actvy 3 14 0 iTRAC activity (aka action) details
actvy_parm 1 1 14 0 Details of iTRAC activity parameters
actvy_parm_rpt_v 14 view Details of iTRAC activity parameters
actvy_ref 2 2 7 0 Details of iTRAC activity references
actvy_ref_parm_val 3 8 0 Details of iTRAC activity reference parameter values
actvy_ref_parm_val_rpt_v 8 view Details of iTRAC activity reference parameter values
actvy_ref_rpt_v 7 view Details of iTRAC activity references
actvy_rpt_v 14 view iTRAC activity (aka action) details
adv_nxs_feed 11 0 Advisor feed files that are processed on regular schedule
adv_nxs_feed_v 11 view Advisor feed files that are processed on regular schedule
adv_nxs_kb_patch 1 9 0 The patches that are required to remove vulnerabilities
adv_nxs_kb_patch_v 9 view The patches that are required to remove vulnerabilities
adv_nxs_kb_productsref 1 10 0 The products that are affected by vulnerability
adv_nxs_kb_productsref_v 10 view The products that are affected by vulnerability
adv_nxs_mappings 4 15 0 The mapping between each product such as IDS product signature, Vulnerability product signatures etc.
adv_nxs_mappings_v 15 view The mapping between each product such as IDS product signature, Vulnerability product signatures etc.
adv_nxs_osvdb_details 2 44 0 Known vulnerabilities from the OSVDB and the classification to which the vulnerability applies.
adv_nxs_osvdb_details_v 44 view Known vulnerabilities from the OSVDB and the classification to which the vulnerability applies.
adv_nxs_products 1 13 0 All the products that are supported by Novell for Advisor.
adv_nxs_products_v 13 view All the products that are supported by Novell for Advisor.
adv_nxs_signatures 4 1 10 0 List of signatures of the products that are supported by Novell for Advisor.
adv_nxs_signatures_v 10 view List of signatures of the products that are supported by Novell for Advisor.
annotations 7 0 Annotations (or notes) attached to incidents
annotations_rpt_v 7 view Annotations (or notes) attached to incidents
asset 1 7 15 0 Associates an asset with all of the detailed information about that asset, which is located in other tables.
asset_category_rpt_v 6 view Asset category information
asset_ctgry 1 6 0 Asset category information
asset_hostname 8 0 Asset hostname information
asset_hostname_rpt_v 8 view Asset hostname information
asset_ip 1 8 0 Asset IP address information
asset_ip_rpt_v 8 view Asset IP address information
asset_loc 1 13 0 Asset geographical location information
asset_location_rpt_v 13 view Asset geographical location information
asset_rpt_v 15 view Associates an asset with all of the detailed information about that asset, which is located in other tables.
asset_val_lkup 1 6 0 Asset value types
asset_value_rpt_v 6 view Asset value types
asset_x_entity_x_role 5 10 0 Associates an asset with all of the people, roles, and organizations related to the asset.
asset_x_entity_x_role_rpt_v 10 view Associates an asset with all of the people, roles, and organizations related to the asset.
associations 8 0 A table used for associating objects in various tables (such as users to incident, incident to annotations, etc.)
associations_rpt_v 8 view A table used for associating objects in various tables (such as users to incident, incident to annotations, etc.)
attachments 12 0 Incident attachments
attachments_rpt_v 12 view Incident attachments
configs 9 0 General configuration information of the system.
configs_rpt_v 9 view General configuration information of the system.
console_slms 1 12 0 The list of distributed search initiators configured in this system.
contacts_rpt_v 13 view The list of Sentinel users
corr_act_def 2 7 0 Definitions of actions, which is useful for describing actions in action configuration user interfaces.
corr_act_meta 1 7 0 Action metadata that is useful to describing an action, particular for use in action configuration user interfaces.
corr_act_parm 2 9 0 Stores the parameter values (e.g, as entered by a user) for instances of actions.
corr_act_parm_def 1 1 8 0 The definitions of action parameters, which is useful for describing action parameters in action configuration user interfaces.
corr_deploy_config 1 1 8 0 Correlation rule deployment configuration details.
corr_engine_config 2 9 0 Correlation engine configuration details.
corr_rule 12 0 Correlation rules
corr_rule_cfg 2 10 0 Correlation rule configuration details.
correlated_events 9 0 Associates a correlation event with the events that triggered the correlation event. This table is used to figure out what caused a correlation rule to fire.
correlated_events_rpt_v 9 view Associates a correlation event with the events that triggered the correlation event. This table is used to figure out what caused a correlation rule to fire.
crit_lkup 1 6 0 Asset criticality types
criticality_rpt_v 6 view Asset criticality types
cust 6 0 Lists of all of the MSSP customer names.
cust_hierarchy 10 0 The hierarchy of an MSSP customer. This is used to create a logical organization of customer names.
cust_hierarchy_v 10 view The hierarchy of an MSSP customer. This is used to create a logical organization of customer names.
cust_rpt_v 6 view Lists of all of the MSSP customer names.
disk_monitor 4 0 Disk size information collected by a periodically run disk monitor job.
dist_search_config 9 0 Distributed search configuration.
entity_typ_lkup 1 6 0 Asset entity types (such as person, organization)
entity_type_rpt_v 6 view Asset entity types (such as person, organization)
env_identity_lkup 1 6 0 Asset environment identity types
env_identity_rpt_v 6 view Asset environment identity types
esec_content 2 11 0 Part of the solution pack content tracking system. This table holds the details of the content that is present in a solution pack.
esec_content_grp 1 1 9 0 Part of the solution pack content tracking system. This table holds the details of the content groups that are present in a solution pack.
esec_content_grp_content 3 8 0 Part of the solution pack content tracking system. This table associates content groups to content.
esec_content_grp_content_rpt_v 8 view Part of the solution pack content tracking system. This table associates content groups to content.
esec_content_grp_rpt_v 9 view Part of the solution pack content tracking system. This table holds the details of the content groups that are present in a solution pack.
esec_content_pack 1 8 0 Part of the solution pack content tracking system. This table holds the details of the solution packs that are present in the system.
esec_content_pack_rpt_v 8 view Part of the solution pack content tracking system. This table holds the details of the solution packs that are present in the system.
esec_content_rpt_v 11 view Part of the solution pack content tracking system. This table holds the details of the content that is present in a solution pack.
esec_ctrl 1 1 11 0 Part of the solution pack content tracking system. This table holds the details of the controls that are present in a solution pack.
esec_ctrl_ctgry 1 1 9 0 Part of the solution pack content tracking system. This table holds the details of the control categories that are present in a solution pack.
esec_ctrl_ctgry_rpt_v 9 view Part of the solution pack content tracking system. This table holds the details of the control categories that are present in a solution pack.
esec_ctrl_rpt_v 11 view Part of the solution pack content tracking system. This table holds the details of the controls that are present in a solution pack.
esec_db_patches 4 0 Contains a list of the patches applied to the database schema.
esec_db_version 4 1 The version of the database schema.
esec_display 15 0 Contains a list of all event fields, including their name, whether they are populated with data by the mapping service, and other details related to the field.
esec_display_rpt_v 15 view Contains a list of all event fields, including their name, whether they are populated with data by the mapping service, and other details related to the field.
esec_namespace 7 0 (Deprecated) Information about namespaces folders that certain objects (such as correlation rules) are able to be defined within.
esec_namespace_leaf 7 0 (Deprecated) Information about namespaces that certain objects (such as correlation rules) are able to be defined within. A namespace leaf represents the association of an instance of an object with the namespace.
esec_port_reference 1 8 0 Industry standard assigned port numbers
esec_port_reference_rpt_v 8 view Industry standard assigned port numbers
esec_protocol_reference 1 7 0 Industry standard assigned protocol numbers
esec_protocol_reference_rpt_v 7 view Industry standard assigned protocol numbers
esec_sequence 7 0 Used to generate primary key sequence for other tables
esec_sequence_rpt_v 7 view Used to generate primary key sequence for other tables
esec_user_report_state 2 7 0 Status details of user's report (e.g., read/unread)
esec_uuid_uuid_assoc 8 0 Associates objects in one table to objects in another table. This table is used to associate a variety of objects with other kinds of objects (such as a Report Data Definition with the Data Synchronization Policy it relates to).
esec_uuid_uuid_assoc_rpt_v 8 view Associates objects in one table to objects in another table. This table is used to associate a variety of objects with other kinds of objects (such as a Report Data Definition with the Data Synchronization Policy it relates to).
event_data_sync_policies 9 0 Data synchronization policy configuration data.
evt_datasync_info 9 0 Data synchronization status data.
evt_src 2 1 10 0 The configuration information for all event source nodes.
evt_src_collector 1 2 11 0 The configuration information for all collector nodes.
evt_src_collector_rpt_v 11 view The configuration information for all collector nodes.
evt_src_deleted 10 0 The configuration information for all deleted event source nodes.
evt_src_grp 1 3 12 0 The configuration information for all connector nodes (event source group is an internal name used for connector nodes).
evt_src_grp_rpt_v 12 view The configuration information for all connector nodes (event source group is an internal name used for connector nodes).
evt_src_mgr 3 2 10 0 The configuration information for all collector manager nodes (event source manager is an internal name used for collector manager nodes).
evt_src_mgr_rpt_v 10 view The configuration information for all collector manager nodes (event source manager is an internal name used for collector manager nodes).
evt_src_offset 1 7 0 The offset data for event source nodes.
evt_src_offset_rpt_v 7 view The offset data for event source nodes.
evt_src_rpt_v 10 view The configuration information for all event source nodes.
evt_src_srvr 2 2 10 0 The configuration information for all event source server nodes.
evt_src_srvr_rpt_v 10 view The configuration information for all event source server nodes.
ext_data 9 0 This table is used with external incident tracking to store a reference to the copy of the incident in the external system (such the ID of the incident located in the external system).
external_data_rpt_v 9 view This table is used with external incident tracking to store a reference to the copy of the incident in the external system (such the ID of the incident located in the external system).
filters 1 12 0 Filters used for various contexts
global_filter_corr_action_association 2 6 0 Association between Global filter and Correlation Actions
global_filters 2 13 0 A list of global filters
incidents 1 1 15 0 Details of incidents
incidents_assets 6 0 Assets that are associated with incidents
incidents_assets_rpt_v 6 view Assets that are associated with incidents
incidents_events 1 8 0 Events that are associated with incidents
incidents_events_rpt_v 8 view Events that are associated with incidents
incidents_rpt_v 15 view Details of incidents
incidents_vuln 6 0 Vulnerabilities that are associated with incidents
incidents_vuln_rpt_v 6 view Vulnerabilities that are associated with incidents
integrator_config 1 10 0 The configuration information for instances of integrators.
ixlog_part 1 22 0 Details of the event partitions located in the file-based event store
license_record 5 0 Holds records used for recording license compliance.
license_record_hours 5 0 Holds records used for recording license compliance.
license_record_lock 0 0 Used for synchronization of the license record trigger.
md_config 1 12 0 Various system configuration settings.
md_view_config 10 0 Configuration of the configurable table views in Sentinel Control Center. Table views are available for many objects, such as incidents, iTRAC processes, etc.
mssp_associations 8 0 Associates an MSSP Customer with that customer's objects (such as vulnerabilities, assets, etc.)
mssp_associations_v 8 view Associates an MSSP Customer with that customer's objects (such as vulnerabilities, assets, etc.)
network_identity_lkup 1 6 0 Asset network identity types
network_identity_rpt_v 6 view Asset network identity types
organization 1 7 0 Asset organization information
organization_rpt_v 7 view Asset organization information
partition_sync_info 4 0 Partition data synchronization status data.
permissions 1 8 0 Contains the list of predefined permissions for various functionality.
person 1 10 0 Information about a person that is related to an asset
person_rpt_v 10 view Information about a person that is related to an asset
physical_asset 2 2 13 0 Associates a physical asset with all of its physical asset attributes (such as IP, location, etc.)
physical_asset_rpt_v 13 view Associates a physical asset with all of its physical asset attributes (such as IP, location, etc.)
prdt 1 1 8 0 Asset product information
product_rpt_v 8 view Asset product information
raw_data_files_info 10 0 Details of the raw data files located in the file-based raw data store
role_lkup 1 6 0 Asset role types (such as business unit, department, division, etc.)
role_rpt_v 6 view Asset role types (such as business unit, department, division, etc.)
scheduled_job_detail 15 0 Details of jobs scheduled to run (such as running a report on a schedule).
sensitivity_lkup 1 6 0 Asset sensitivity types
sensitivity_rpt_v 6 view Asset sensitivity types
sentinel 2 9 0 A list of Sentinel systems known by this system. Currently, this table only contains the local live Sentinel system as well as the "offline" Sentinel used in the Event Source Manager Scratch Pad user interface.
sentinel_host 1 1 11 0 Details of the machine on which a sentinel component is installed.
sentinel_host_rpt_v 11 view Details of the machine on which a sentinel component is installed.
sentinel_plugin 6 11 0 Details of plug-ins (such as collector, connector, and reports) imported into the system. This table references the plug-in zip files, which are located on the Sentinel server filesystem.
sentinel_plugin_rpt_v 11 view Details of plug-ins (such as collector, connector, and reports) imported into the system. This table references the plug-in zip files, which are located on the Sentinel server filesystem.
sentinel_rpt_v 9 view A list of Sentinel systems known by this system. Currently, this table only contains the local live Sentinel system as well as the "offline" Sentinel used in the Event Source Manager Scratch Pad user interface.
states 2 8 0 Definitions of possible states of incidents
states_rpt_v 8 view Definitions of possible states of incidents
tag_event_source_association 2 6 0 Association of event source and tags
tag_event_source_association_v 6 view Association of event source and tags
tag_event_source_server_association 2 6 0 Association of event source server and tags
tag_event_source_server_association_v 6 view Association of event source server and tags
tag_event_src_manager_association 2 6 0 Association of collector manager and tags
tag_event_src_manager_association_v 6 view Association of collector manager and tags
tag_global_filter_association 2 6 0 Association between Tags and Global filter
tag_plugin_association 2 7 0 Association of plug-ins (such a reports) and tags
tag_plugin_association_v 7 view Association of plug-ins (such a reports) and tags
tags 7 6 0 List of tags
tags_v 6 view List of tags
target_slms 10 0 The list of distributed search targets configured in this system.
txnmy_node 8 0 (Deprecated) Data for all of the nodes in the hierarchical taxonomy tree. The XDAS taxonomy is now used instead of this data structure.
unassigned_incidents_rpt_v 15 view Details of unassigned incidents
user_group_mappings 2 6 0 Association between Sentinel users and groups (aka roles).
user_group_permissions 2 7 0 The permissions granted to a Sentinel group (aka role).
user_group_tags 2 6 0 (Not yet used) The tags associated with a Sentinel group (aka role).
user_groups 4 11 0 Sentinel groups (aka roles).
user_tag_permission_rules 10 0 (Not yet used) Defines the access a Sentinel group (aka role) has on objects tagged with certain tags.
user_tag_permission_rules_v 10 view Defines the access a Sentinel group (aka role) has on objects tagged with certain tags.
user_tag_state 2 6 0 Association of users and tags.
user_tag_state_v 6 view Association of users and tags.
users 4 1 20 0 The list of Sentinel users
users_rpt_v 20 view The list of Sentinel users
usr_account 1 14 0 Accounts associated with a user's identity
usr_account_rpt_v 14 view Accounts associated with a user's identity
usr_account_trust 1 12 0 Trusts (e.g., roles) associated with a user's identity
usr_account_trust_assoc 6 0 Association between a user's account and trusts
usr_account_trust_history 8 0 This table keeps track of the association between a user's account and trusts they were part of in the past (but may not be now).
usr_identity 2 20 0 User's Identity information (for example, synchronized from Novell Identity Manager or Microsoft Active Directory)
usr_identity_ext_attr 1 3 0 User's extended identity attributes
usr_identity_ext_attr_rpt_v 3 view User's extended identity attributes
usr_identity_rpt_v 20 view User's Identity information (for example, synchronized from Novell Identity Manager or Microsoft Active Directory)
usr_trust_type 1 6 0 Table of trust types.
vendor_rpt_v 6 view Asset product vendor information
vndr 1 6 0 Asset product vendor information
vuln 3 1 27 0 Vulnerability details
vuln_calc_severity_rpt_v 7 view Contains each resource (e.g., a host) scanned by a particular scanner and vulnerabilities
vuln_code 1 9 0 Industry Standard assigned Vulnerability Codes
vuln_code_rpt_v 9 view Industry Standard assigned Vulnerability Codes
vuln_info 1 8 0 Additional information reported during scan
vuln_info_rpt_v 8 view Additional information reported during scan
vuln_rpt_v 27 view Vulnerability details
vuln_rsrc 2 1 15 0 Contains each resource (e.g., a host) scanned by a particular scanner
vuln_rsrc_rpt_v 15 view Contains each resource (e.g., a host) scanned by a particular scanner
vuln_rsrc_scan 2 6 0 Associates which resources were scanned by a particular scanning operation of a scanner.
vuln_rsrc_scan_rpt_v 6 view Associates which resources were scanned by a particular scanning operation of a scanner.
vuln_scan 2 1 11 0 A list of each scan operation a scanner performed.
vuln_scan_rpt_v 10 view A list of each scan operation a scanner performed.
vuln_scan_vuln 2 6 0 Associates which vulnerabilities were found during a particular scan operation.
vuln_scan_vuln_rpt_v 6 view Associates which vulnerabilities were found during a particular scan operation.
vuln_scanner 2 10 0 The list of vulnerability scanners whose data was uploaded into the system.
vuln_scanner_rpt_v 10 view The list of vulnerability scanners whose data was uploaded into the system.
workflow_def 6 0 The iTRAC workflow templates.
workflow_def_rpt_v 6 view The iTRAC workflow templates.
workflow_info 7 0 Associates iTRAC workflow templates with instances of workflow processes.
workflow_info_rpt_v 7 view Associates iTRAC workflow templates with instances of workflow processes.
           
128 Tables     1,193 1  
87 Views     857