Global Audit Logging Operation Reference - 3
Malware Analysis
The following table lists the operations logged by the Malware Analysis (MA) component.
- Serial #: 1
- Operation Name: GetDashBoardSummaryRequest
- Meaning: Get dashboard analysis statistics
- Serial #: 2
- Operation Name: GetFileScoreSummaryRequest
- Meaning: Get aggregated file scores by score type and risk level
- Serial #: 3
- Operation Name: CountEventsAndFilesRequest
- Meaning: Get count of events and files over a time frame
- Serial #: 4
- Operation Name: GetAvVendorDetectionRequest
- Meaning: Get AV vendor analysis results
- Serial #: 5
- Operation Name: GetAVVendorsRequest
- Meaning: Get list of AV Vendors supported
- Serial #: 6
- Operation Name: SetInstalledAVVendors
- Meaning: Request to update the list of installed AV vendors in config
- Serial #: 7
- Operation Name: CountEventByCriteriaRequest
- Meaning: Count events by criteria
- Serial #: 8
- Operation Name: FindEventByIdRequest
- Meaning: Get event by id
- Serial #: 9
- Operation Name: FindEventByCriteriaRequest
- Meaning: Get event by criteria
- Serial #: 10
- Operation Name: DeleteEventRequest
- Meaning: Delete event
- Serial #: 11
- Operation Name: CommentOnEventRequest
- Meaning: Add comment to event
- Serial #: 12
- Operation Name: ReSubmitEventRequest
- Meaning: Resubmit event for analysis
- Serial #: 13
- Operation Name: FindEventScoreByIdRequest
- Meaning: Get event score by event id
- Serial #: 14
- Operation Name: FindEventScoreByCriteriaRequest
- Meaning: Get event score by criteria
- Serial #: 15
- Operation Name: FindMetaByIdRequest
- Meaning: Get meta by id
- Serial #: 16
- Operation Name: FindMetaByCriteriaRequest
- Meaning: Get meta by criteria
- Serial #: 17
- Operation Name: FindMetaValueByCriteriaRequest
- Meaning: Get meta value by criteria
- Serial #: 18
- Operation Name: CountByDistinctMetaValueRequest
- Meaning: Count distinct meta values
- Serial #: 19
- Operation Name: CountByMetaNameAndValueWithDateRangeIntervalRequest
- Meaning: Count meta and values with interval for charting
- Serial #: 20
- Operation Name: CountByValueAndAverageOverallScoreRequest
- Meaning: Count meta and map to overall scores for events
- Serial #: 21
- Operation Name: CountByValueAndAverageGroupScoreRequest
- Meaning: Count meta and map to group scores for events
- Serial #: 22
- Operation Name: CountFileEntryByCriteriaRequest
- Meaning: Count files by criteria
- Serial #: 23
- Operation Name: FindFileEntryByIdRequest
- Meaning: Get file by id
- Serial #: 24
- Operation Name: FindFileEntryByCriteriaRequest
- Meaning: Get file by criteria
- Serial #: 25
- Operation Name: ReSubmitFileEntryRequest
- Meaning: Resubmit file for analysis
- Serial #: 26
- Operation Name: FileDownloadRequest
- Meaning: Download file from repository
- Serial #: 27
- Operation Name: FileUploadRequest
- Meaning: Upload file for analysis
- Serial #: 28
- Operation Name: FindFileScoreByIdRequest
- Meaning: Get file score by id
- Serial #: 29
- Operation Name: FindFileScoreByCriteriaRequest
- Meaning: Get file score by criteria
- Serial #: 30
- Operation Name: FindHashValueByIdRequest
- Meaning: Get whitelist/blacklist Hash value by id
- Serial #: 31
- Operation Name: FindHashValueByCriteriaRequest
- Meaning: Get whitelist/blacklist Hash value by criteria
- Serial #: 32
- Operation Name: AddHashValueRequest
- Meaning: Add whitelist/blacklist Hash value
- Serial #: 33
- Operation Name: UpdateHashValueRequest
- Meaning: Update whitelist/blacklist Hash value
- Serial #: 34
- Operation Name: DeleteHashValueRequest
- Meaning: Delete whitelist/blacklist Hash value
- Serial #: 35
- Operation Name: FindHashValueByMd5Request
- Meaning: Find whitelist/blacklist Hash value by md5
- Serial #: 36
- Operation Name: AddHashValueInFile
[…] such as server time […]
NetWitness User Interface
The following table lists the operations logged by the NetWitness User Interface component.
- Serial #: 1
- Operation Name: uploadTrialLicense
- Meaning: Upload Trial License
- Serial #: 2
- Operation Name: LicenseEntitle
- Meaning: Entitle License
- Serial #: 3
- Operation Name: LicenseDeactivation
- Meaning: Deactivate License
- Serial #: 4
- Operation Name: ExpiredLicense
- Meaning: License Expired
- Serial #: 5
- Operation Name: LicenseOutOfComplianceAcknowledgement
- Meaning: EULA Acknowledgement
- Serial #: 6
- Operation Name: resetLicense
- Meaning: Reset License
- Serial #: 7
- Operation Name: usageDateExport
- Meaning: License data usage - csv/pdf
- Serial #: 8
- Operation Name: refreshLicense
- Meaning: Refresh LLS license
- Serial #: 9
- Operation Name: LicenseOutOfCompliance
- Meaning: Out of Compliance
- Serial #: 10
- Operation Name: OOTBEntitlementOutOfCompliance
- Meaning: OOTB Trial license Out of Compliance
- Serial #: 11
- Operation Name: OOTBEntitlementFirstLoginTimeModified
- Meaning: OOTB time modified
- Serial #: 12
- Operation Name: OOTBEntitlementFileDeleted
- Meaning: OOTB File deleted
- Serial #: 13
- Operation Name: OOTBEntitlementDataTampering
- Meaning: OOTB data tampering
- Serial #: 14
- Operation Name: uploadOfflineResponse
- Meaning: Upload offline response
- Serial #: 15
- Operation Name: offlineDownloadCapRequest
- Meaning: Download offline request
- Serial #: 16
- Operation Name: movePerpetualToThroughput
- Meaning: Move Appliance license to Throughput
- Serial #: 17
- Operation Name: moveThroughputToPerpetual
- Meaning: Move Throughput to Appliance license
- Serial #: 18
- Operation Name: mapApplianceLicense
- Meaning: Map Service to Real license
- Serial #: 19
- Operation Name: delete
- Meaning: Operation to delete Alert Templates.
- Serial #: 20
- Operation Name: HttpRequest
- Meaning: Operation for Audit Logging of the accessed URL.
- Serial #: 21
- Operation Name: Page Accessed
- Meaning: Operation for Audit Logging of the accessed page.
- Serial #: 22
- Operation Name: Navigate
- Meaning: Operation to navigate to the accessed page.
- Serial #: 23
- Operation Name: Events
- Meaning: Operation to view the accessed event page.
- Serial #: 24
- Operation Name: Recon
- Meaning: Operation for Event Reconstruction requested.
- Serial #: 25
- Operation Name: Services
- Meaning: Operation while reading the list of available devices for investigation.
- Serial #: 26
- Operation Name: Service
- Meaning: Operation for a List of devices requested to be investigated.
- Serial #: 27
- Operation Name: Collections
- Meaning: Operation to view the list of collections requested.
- Serial #: 28
- Operation Name: Profiles
- Meaning: Operation to apply a Profile.
- Serial #: 29
- Operation Name: ColumnGroups
- Meaning: Operation to apply or read Column Group.
- Serial #: 30
- Operation Name: ParallelCoordinates
- Meaning: Operations related to Loading of co-ordinate view navigation.
- Serial #: 31
- Operation Name: Timeline
- Meaning: Operations related to loading of timeline view navigation.
- Serial #: 32
- Operation Name: PrintView
- Meaning: Operations to open investigation in print view.
- Serial #: 33
- Operation Name: Preferences
- Meaning: Operations related to Informer Request.
- Serial #: 34
- Operation Name: import
- Meaning: Operations related to Import of Column Group or Profiles.
- Serial #: 35
- Operation Name: export
- Meaning: Operations related to Export of Column Group or Profiles.
- Serial #: 36
- Operation Name: Predicate
- Meaning: Operations related to Queries (Predicates) used for Investigation.
- Serial #: 37
- Operation Name: Languages
- Meaning: Operation for Language requested from a Device.
- Serial #: 38
- Operation Name:
Respond
The following table lists the operations logged by the Respond component.
- Serial #: 1
- Operation Name: update
- Meaning: Update notification setting
- Serial #: 2
- Operation Name: update
- Meaning: Update integration settings configuration
- Serial #: 3
- Operation Name: