Vectra-AI

Reports

Vectra-Login Success: This report gives information about successful logins detected by Vectra AI. This contains the username, user privilege, source IP and other details of successful logins to keep track of users accessing the system.

Reports

Vectra-Audit Activities: This report gives information about audit activities detected by Vectra AI. It contains the username, user privilege and other system details to keep track of all the audit activities performed.

Alerts

Vectra: Login failed: This alert is generated when user fails to login.
Vectra: Threat detected: This alert is generated when any threat is detected on the system.
Vectra: Suspicious account detected: This alert is generated when any suspicious account is detected.
Vectra: Account lockdown: This alert is generated when any account lockdown activity is detected.

Reports

Vectra- Login Failed: This report gives information about failed logins detected by Vectra AI. It contains details of the username, user privilege, source IP and details of failed login attempts which will be useful for investigation.
Vectra-Threat Detected: This report gives the information about the threats detected by Vectra AI. It contains details of the threat name, its category, threat and certainty score and system information which will be useful for investigation.
Vectra-Host Score: This report gives the information about the host scoring detected by Vectra AI. It contains details of the host, threat score and certainty score, and system details which will be helpful to investigate the host and its activities.
Vectra-Account Score: This report gives the information about account scoring logs detected by Vectra AI. It contains details of the account, system, threat and certainty score of the log, which can be useful for investigating the cause.
Vectra-Account Lockdown: This report gives information about account lockdown detected by Vectra AI. It contains details of the account, username and the system that has been locked down, which can be useful for investigation.

The configurations details are consistent with EventTracker version 9.X and later, and Vectra AI.

To configure Vectra AI to send logs to EventTracker, refer the How to Guide.

For more information please refer the Integration guide.