NSX-T Data Center REST API
IDSEventsBySignature (schema)
Detcted intrusions grouped by signature
Intrusions that are detected, grouped by signature. It contains the signature id,
severity, name, the number of intrusions of that type and the first occurence.
| Name | Description | Type | Notes |
|---|---|---|---|
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| count | Number of times signature was seen Number of times this particular signature was detected. |
integer | Readonly |
| first_occurence | First occurence of the intrusion First occurence of the intrusion, in epoch milliseconds. |
EpochMsTimestamp | Readonly |
| is_ongoing | Flag indicating an ongoing intrusion Flag indicating an ongoing intrusion. |
boolean | Readonly |
| resource_type | IDSEvent resource type IDSEvent resource type. |
string | Required Readonly |
| severity | Severity of the signature Severity of the threat covered by the signature, can be Critical, High, Medium, or Low. |
string | Readonly |
| signature_id | Signature ID Signature ID pertaining to the detected intrusion. |
integer | Readonly |
| signature_name | Name of the signature Name of the signature pertaining to the detected intrusion. |
string | Readonly |