Listed below are the views available with Sentinel.
This view contains information about iTRAC activities.
This view contains information about iTRAC activities.
This view contains information about iTRAC activities.
This view contains information about iTRAC activities.
This view contains information about the Advisor feed files that are processed on a regular schedule.
This view contains information about all the products that are supported by Novell for Advisor, which include the Intrusion Detection System (IDS), Vulnerablility Scanners, and Knowledge Base (OSVDB, CVE, and Bugtraq).
This view contains the information about the list of signatures for each product that is supported by Novell for Advisor.
This view contains the mapping information for the products supported by Novell for Advisor. It provides information about the type of mapping between each product including the IDS product signatures, Vulnerability product signatures, and Knowledge Base product signatures.
This view contains information about the known vulnerablities from the OSVDB for the products supported by Novell for Advisor. It also stores the classifications to which the vulnerability applies.
This view contains information about the patches that are required to remove the vulnerabilities.
This view contains the information about the products that are affected by the vulnerability.
This iew references ASSET_CTGRY table that stores information about asset categories
This view references ASSET_HOSTNAME table that stores information about alternate host names for assets.
This view references ASSET_IP table that stores information about alternate IP addresses for assets.
This view references ASSET_LOC table that stores information about asset locations.
This view references ASSET table that stores information about the physical and soft assets.
This view references ASSET_VAL_LKUP table that stores information about the asset value.
This view references ASSET_X_ENTITY_X_ROLE table that associates a person or an organization to an asset.
This view references ASSOCIATIONS table that associates users to incidents, incidents to annotations and so on.
This view references ATTACHMENTS table that stores attachment data.
This view references AUDIT_RECORD table that stores Sentinel internal audit data.
This view references CONFIGS table that stores general configuration information of the application.
This view references CONTACTS table that stores contact information.
This view is provided for backward compatibility. New reports should use CORRELATED_EVENTS_RPT_V1.
This vew contains current and historical correlated events (correlated events imported from archives).
This view references CRIT_LKUP table that contains information about asset criticality.
This view references CUST_HIERARCHY table that stores information about MSSP customer hierarchy.
This view references CUST table that stores customer information for MSSPs.
This view references ENTITY_TYP table that stores information about entity types (person, organization).
This view references ENV_IDENTITY_LKUP table that stores information about asset environment identity.
This view contains information about Solution Packs.
This view contains information about Solution Packs.
This view contains information about Solution Packs.
This view contains information about Solution Packs.
This view contains information about Solution Packs.
This view contains information about Solution Packs.
This view references ESEC_DISPLAY table that stores displayable properties of objects. Currently used in renaming meta-tags. Used with Event Configuration (Business Relevance).
This view references ESEC_PORT_REFERENCE table that stores industry standard assigned port numbers.
Column Name |
Datatype |
Comment |
---|---|---|
PORT_NUMBER |
number |
Per http://www.iana.org/assignments/port-numbers, the numerical representation of the port. This port number is typically associated with the Transport Protocol level in the TCP/IP stack. |
PROTOCOL_NUMBER |
number |
Per http://www.iana.org/assignments/protocol-numbers, the numerical identifiers used to represent protocols that are encapsulated in an IP packet. |
PORT_KEYWORD |
varchar2(64) |
Per http://www.iana.org/assignments/port-numbers, the keyword representation of the port. |
PORT_DESCRIPTION |
varchar2(512) |
Port description. |
DATE_CREATED |
date |
Date the entry was created |
DATE_MODIFIED |
date |
Date the entry was modified |
CREATED_BY |
number |
User who created object |
MODIFIED_BY |
number |
User who last modified object |
This view references ESEC_PROTOCOL_REFERENCE table that stores industry standard assigned protocol numbers.
Column Name |
Datatype |
Comment |
---|---|---|
PROTOCOL_NUMBER |
number |
Per http://www.iana.org/assignments/protocol-numbers, the numerical identifiers used to represent protocols that are encapsulated in an IP packet. |
PROTOCOL_KEYWORD |
varchar2(64) |
Per http://www.iana.org/assignments/protocol-numbers, the keyword used to represent protocols that are encapsulated in an IP packet. |
PROTOCOL_DESCRIPTION |
varchar2(512) |
IP packet protocol description. |
DATE_CREATED |
date |
Date the entry was created |
DATE_MODIFIED |
date |
Date the entry was modified |
CREATED_BY |
number |
User who created object |
MODIFIED_BY |
number |
User who last modified object |
This view references ESEC_SEQUENCE table that’s used to generate primary key sequence numbers for Sentinel tables.
This view contains information about object relationships. Used internally by Sentinel and not for reporting purposes.
This view is provided for backward compatibility. View contains current and historical events (events imported from archives).
This view is provided for backward compatibility. New reports should use EVENTS_RPT_V2. View contains current events.
This view is provided for backward compatibility. New reports should use EVENTS_RPT_V2. View contains current and historical events.
This view is provided for backward compatibility. New reports should use EVENT_ALL_RPT_V. View contains current events.
This is the primary reporting view for Sentinel 6.0. This view contains current event and historical events. It is included for legacy reports but has been replaced in Sentinel 6.1 with EVENTS_RPT_V3.
This is the primary reporting view for Sentinel 6.1. This view contains current event and historical events. It is included for legacy reports.
View references EVT_AGENT table that stores information about Collectors.
View references EVT_AGENT table that stores information about Collectors. The column names in this view reflects the name change of Sensor to Observer. This view is designed for use in Sentinel 6.1.
View references EVT_ASSET table that stores asset information.
View references EVT_ASSET table that stores asset information. This view is designed for Sentinel 6.1.
View summarizes event count by destination, taxonomy, event name, severity and event time.
View contains event destination summary information.
View summarizes event count by destination, taxonomy, severity and event time.
View references EVT_NAME table that stores event name information.
View summarizes event count by destination port, severity and event time.
View references EVT_PRTCL table that stores event protocol information.
View references EVT_PRTCL table that stores event protocol information.
View references EVT_RSRC table that stores event resource information.
View summarizes event count by severity and event time.
View contains information about the Event Source Management configuration.
View contains information about the Event Source Management configuration.
View contains information about the Event Source Management configuration.
View contains information about the Event Source Management configuration.
View contains information about the Event Source Management configuration.
View contains event source and destination summary information.
View contains information about the Event Source Management configuration.
View references EVT_TXNMY table that stores event taxonomy information.
View references EVT_USR table that stores event user information.
View references EXTERNAL_DATA table that stores external data.
This view is provided for backward compatibility. New report should use CORRELATED_EVENTS_RPT_V1 instead.
This view is provided for backward compatibility. Sentinel 6.0 reports should use EVENTS_RPT_V2 instead. Sentinel 6.1 reports should use EVENTS_RPT_V3 instead.
View references IMAGES table that stores system overview image information.
View references INCIDENTS_ASSETS table that stores information about the assets that makeup incidents created in the Sentinel Console.
View references INCIDENTS_EVENTS table that stores information about the events that makeup incidents created in the Sentinel Console.
View references INCIDENTS table that stores information describing the details of incidents created in the Sentinel Console.
View references INCIDENTS_VULN table that stores information about the vulnerabilities that makeup incidents created in the Sentinel Console.
View references L_STAT table that stores statistical information.
View references LOGS_RPT table that stores logging information.
View references MSSP_ASSOCIATIONS table that associates an number key in one table to a UUID in another table.
View references NETWORK_IDENTITY_LKUP table that stores asset network identity information.
View references ORGANIZATION table that stores organization (asset) information.
View references PERSION table that stores personal (asset) information.
View references PHYSICAL_ASSET table that stores physical asset information.
View references PRDT table that stores asset product information.
View references ROLE_LKUP table that stores user role (asset) information.
View contains report label translations.
View references SENSITIVITY_LKUP table that stores asset sensitivity information.
View contains data used internally by Sentinel.
View contains data used internally by Sentinel.
View contains data used internally by Sentinel.
View references STATES table that stores definitions of states defined by applications or context.
View references CASES and INCIDENTS tables to report on unassigned cases.
View references USERS table that lists all users of the application. The users will also be created as database users to accommodate 3rd party reporting tools.
View contains user account information from an identity management system.
View contains extended attributes information from an identity management system, including name value pairs in the ATTRIBUTE_NAME and ATTRIBUTE_VALUE columns.
View contains user identity information from an identity management system.
View references VNDR table that stores information about asset product vendors.
View references VULN_RSRC and VULN to calculate eSecurity vulnerability severity rating base on current vulnerabilities.
View references VULN_CODE table that stores industry assigned vulnerability codes such as Mitre’s CVEs and CANs.
View references VULN_INFO table that stores additional information reported during a scan.
View references VULN table that stores information of scanned system. Each scanner will have its own entry for each system.
View references VULN_RSRC table that stores each resource scanned for a particular scan.
View references VULN_RSRC_SCAN table that stores each resource scanned for a particular scan.
View references table that stores information pertaining to scans.
View references VULN_SCAN_VULN table that stores vulnerabilities detected during scans.
View references VULN_SCANNER table that stores information about vulnerability scanners.