Incident_Reopened_Symantec EP mobile_General

Alert

Incident Reopened (incident_reopened)

SK4 unified event:
Connector/Service

Symantec EP mobile/General

SK4 Version:

2.4.62

Created Date:

Mon May 20 2019 12:24:02 GMT+0000 (Coordinated Universal Time)

Last Update:

Tue Jun 18 2019 11:10:36 GMT+0000 (Coordinated Universal Time)

Category

Security Alert

Description

Reopening an incident creates a duplicate incident that refers back to the original one.

Search query

cef_vendor="skyformation" cef_name="security-threat-detected" destinationServiceName="Symantec EP mobile"

Parsed CEF
Unparsed raw data

Expand to see an example...

Audit sources