Listed below are the views available with Sentinel.
This view contains information about the Advisor feed files that are processed on a regular schedule.
This view contains information about all the products that are supported by NovellĀ® for Advisor, which include the Intrusion Detection System (IDS), Vulnerablility Scanners, and Knowledge Base (OSVDB, CVE, and Bugtraq).
This view contains the information about the list of signatures for each product that is supported by Novell for Advisor.
This view contains the mapping information for the products supported by Novell for Advisor. It provides information about the type of mapping between each product including the IDS product signatures, Vulnerability product signatures, and Knowledge Base product signatures.
This view contains information about the known vulnerablities from the OSVDB for the products supported by Novell for Advisor. It also stores the classifications to which the vulnerability applies.
This view contains information about the patches that are required to remove the vulnerabilities.
This view contains the information about the products that are affected by the vulnerability.
View references ANNOTATIONS table that stores documentation or notes that can be associated with objects in the Sentinel system such as cases and incidents.
View references ASSET_CTGRY table that stores information about asset categories.
View references ASSET_HOSTNAME table that stores information about alternate host names for assets.
View references ASSET_IP table that stores information about alternate IP addresses for assets.
View references ASSET_LOC table that stores information about asset locations.
View references ASSET table that stores information about the physical and soft assets.
View references ASSET_VAL_LKUP table that stores information about the asset value.
View references ASSET_X_ENTITY_X_ROLE table that associates a person or an organization to an asset.
View references ASSOCIATIONS table that associates users to incidents, incidents to annotations and so on.
View references ATTACHMENTS table that stores attachment data.
View reference AUDIT_RECORD table that stores Sentinel internal audit data.
View references CONFIGS table that stores general configuration information of the application.
View references CONTACTS table that stores contact information.
This view is provided for backward compatibility. New reports should use CORRELATED_EVENTS_RPT_V1 because this view does not include archived correlated events that have been imported back into the database.
View contains current and historical correlated events (correlated events imported from archives).
View references CRIT_LKUP table that contains information about asset criticality.
View references CUST_HIERARCHY table that stores information about MSSP customer hierarchy.
View references CUST table that stores customer information for MSSPs.
View references ENTITY_TYP table that stores information about entity types (person, organization).
View references ENV_IDENTITY_LKUP table that stores information about asset environment identity.
View references ESEC_DISPLAY table that stores displayable properties of objects. Currently used in renaming meta-tags. Used with Event Configuration (Business Relevance).
View references ESEC_PORT_REFERENCE table that stores industry standard assigned port numbers.
Column Name |
Datatype |
Comment |
---|---|---|
PORT_NUMBER |
int |
Per http://www.iana.org/assignments/port-numbers, the numerical representation of the port. This port number is typically associated with the Transport Protocol level in the TCP/IP stack. |
PROTOCOL_NUMBER |
int |
Per http://www.iana.org/assignments/protocol-numbers, the numerical identifiers used to represent protocols that are encapsulated in an IP packet. |
PORT_KEYWORD |
varchar/nvarchar(64) |
Per http://www.iana.org/assignments/port-numbers, the keyword representation of the port. |
PORT_DESCRIPTION |
varchar/nvarchar(512) |
Port description. |
DATE_CREATED |
datetime |
Date the entry was created |
DATE_MODIFIED |
datetime |
Date the entry was modified |
CREATED_BY |
int |
User who created object |
MODIFIED_BY |
int |
User who last modified object |
View references ESEC_PROTOCOL_REFERENCE table that stores industry standard assigned protocol numbers.
Column Name |
Datatype |
Comment |
---|---|---|
PROTOCOL_NUMBER |
int |
Per http://www.iana.org/assignments/protocol-numbers, the numerical identifiers used to represent protocols that are encapsulated in an IP packet. |
PROTOCOL_KEYWORD |
varchar/nvarchar(64) |
Per http://www.iana.org/assignments/protocol-numbers, the keyword used to represent protocols that are encapsulated in an IP packet. |
PROTOCOL_DESCRIPTION |
varchar/nvarchar(512) |
IP packet protocol description. |
DATE_CREATED |
datetime |
Date the entry was created |
DATE_MODIFIED |
datetime |
Date the entry was modified |
CREATED_BY |
int |
User who created object |
MODIFIED_BY |
int |
User who last modified object |
View references ESEC_SEQUENCE table thatās used to generate primary key sequence numbers for Sentinel tables.
This view is provided for backward compatibility. View contains current and historical events (events imported from archives).
This view is provided for backward compatibility. New reports should use EVENTS_RPT_V2. View contains current events.
This view is provided for backward compatibility. New reports should use EVENTS_RPT_V2.
This view is provided for backward compatibility. New reports should use EVENTS_RPT_V2. View contains current and historical events.
This view is provided for backward compatibility. New reports should use EVENTS_RPT_V2. View contains current events.
This is the primary reporting view. View contains current event and historical events.
View references EVT_AGENT table that stores information about Collectors.
View references EVT_ASSET table that stores asset information.
View summarizes event count by destination, taxonomy, event name, severity and event time.
View contains event destination summary information.
View summarizes event count by destination, taxonomy, severity and event time.
View references EVT_NAME table that stores event name information.
View summarizes event count by destination port, severity and event time.
View references EVT_PRTCL table that stores event protocol information.
View references EVT_RSRC table that stores event resource information.
View summarizes event count by severity and event time.
View contains event source and destination summary information.
View references EVT_TXNMY table that stores event taxonomy information.
View references EVT_USR table that stores event user information.
View references EXTERNAL_DATA table that stores external data.
This view is provided for backward compatibility. New reports should use CORRELATED_EVENTS_RPT_V1.
This view is provided for backward compatibility. New reports should use EVENTS_RPT_V2.
View references IMAGES table that stores system overview image information.
View references INCIDENTS_ASSETS table that stores information about the assets that makeup incidents created in the Sentinel Console.
View references INCIDENTS_EVENTS table that stores information about the events that makeup incidents created in the Sentinel Console.
View references INCIDENTS table that stores information describing the details of incidents created in the Sentinel Console.
View references INCIDENTS_VULN table that stores information about the vulnerabilities that makeup incidents created in the Sentinel Console.
View references L_STAT table that stores statistical information.
View references LOGS_RPT table that stores logging information.
View references MSSP_ASSOCIATIONS table that associates an integer key in one table to a uuid in another table.
View references NETWORK_IDENTITY_LKUP table that stores asset network identity information.
View references ORGANIZATION table that stores organization (asset) information.
View references PERSION table that stores personal (asset) information.
View references PHYSICAL_ASSET table that stores physical asset information.
View references PRDT table that stores asset product information.
View references ROLE_LKUP table that stores user role (asset) information.
This view contains localized report labels for reports in non-English languages.
View references SENSITIVITY_LKUP table that stores asset sensitivity information.
View references STATES table that stores definitions of states defined by applications or context.
View references CASES and INCIDENTS tables to report on unassigned cases.
View references USERS table that lists all users of the application. The users will also be created as database users to accommodate 3rd party reporting tools.
View references VNDR table that stores information about asset product vendors.
View references VULN_RSRC and VULN to calculate eSecurity vulnerability severity rating base on current vulnerabilities.
View references VULN_CODE table that stores industry assigned vulnerability codes such as Mitre's CVEs and CANs.
View references VULN_INFO table that stores additional information reported during a scan.
View references VULN table that stores information of scanned system. Each scanner will have its own entry for each system.
View references VULN_RSRC table that stores each resource scanned for a particular scan.
View references VULN_RSRC_SCAN table that stores each resource scanned for a particular scan.
View references table that stores information pertaining to scans.
View references VULN_SCAN_VULN table that stores vulnerabilities detected during scans.
View references VULN_SCANNER table that stores information about vulnerability scanners.