Incident_Opened_Symantec EP mobile_General


Incident Opened (incident_opened)

SK4 unified event:

Symantec EP mobile/General

SK4 Version:


Created Date:

Mon May 20 2019 12:11:26 GMT+0000 (Coordinated Universal Time)

Last Update:

Tue Jun 18 2019 11:10:37 GMT+0000 (Coordinated Universal Time)


Security Alert


An incident is a collection of one or more events that represent a significant risk to the organization. Incidents include the events that Symantec Endpoint Protection has blocked, because even blocked events contribute to a more complete picture of the larger attack.

Search query

cef_vendor="skyformation" cef_name="security-threat-detected" destinationServiceName="Symantec EP mobile"

Parsed CEF
Unparsed raw data

Expand to see an example...

Audit sources