<!-- Remark section: a one-sentence summary naming the victim IP, the offender IP and the event name, followed by the description of the rule that fired (basicInfo.ruleInfo.description, '-' when absent). -->
<!-- NOTE(review): the two summary sentences differ only in the trailing IoC value; presumably markup outside this view shows one or the other depending on whether eventInfoObj.ioc_value is set. Confirm. -->
<!-- All values here go through mustache text interpolation, which Vue HTML-escapes. Keep it that way rather than switching to raw HTML rendering: the event name and IoC value presumably come from traffic and intelligence data, not from trusted input. -->
{{ $t('overall.remark') }}
{{detection.victimIp}} communicated with {{detection.offenderIp}} that was associated with the indicator of {{detection.eventName}} activity, {{$_.get(detection, 'eventInfoObj.ioc_value', '') || ''}}.
{{detection.victimIp}} communicated with {{detection.offenderIp}} that was associated with the indicator of {{detection.eventName}}.
{{ $_.get(basicInfo, 'ruleInfo.description', '-') || '-' }}
<!-- Field list, first part: detection start time, then IP, location and ASN for the victim and for the offender. Each value falls back to '-' when it is missing or falsy. -->
<!-- NOTE(review): the "Fields" heading is a literal string, while the labels below it are looked up through $t. -->
<!-- NOTE(review): locationRegion is handed basicInfo.victimInfo and basicInfo.offenderInfo as they are; the helper is defined outside this view, so whether it tolerates a missing object cannot be checked from here. -->
Fields
{{ $t('detection.list.startTime') }}
{{ detection.startTime ? dateFormatByAppearance(detection.startTime) : '-' }}
{{ $t('detections.victimIp') }}
{{ detection.victimIp || '-' }}
{{ $t('detections.victimLocation') }}
{{ locationRegion(basicInfo.victimInfo) }}
{{ $t('detections.victimAsn') }}
{{ $_.get(basicInfo, 'victimInfo.asn.asn', '-') || '-' }}
{{ $t('detections.offenderIp') }}
{{ detection.offenderIp || '-' }}
{{ $t('detections.offenderLocation') }}
{{ locationRegion(basicInfo.offenderInfo) }}
{{ $t('detections.offenderAsn') }}
{{ $_.get(basicInfo, 'offenderInfo.asn.asn', '-') || '-' }}
<!-- Domain seen in the detection with its category, category group and reputation level, followed by the application name, category, subcategory and risk taken from basicInfo.appInfo. -->
<!-- NOTE(review): reputationLevel(...) and appRisk(...) receive basicInfo.domainInfo.category.reputationLevel and basicInfo.appInfo.category.appRisk as plain property chains, whereas the neighbouring fields read the same objects through $_.get with a default. The bare '-' line after each call looks like an alternate branch, so a conditional outside this view presumably guards the chain. Confirm; without a guard, a detection lacking domainInfo or appInfo would throw while rendering and hide the whole panel from the analyst. -->
{{ $t('overall.domain') }}
{{ detection.domain || '-' }}
{{ $t('entities.domainCategory') }}
{{ $_.get(basicInfo, 'domainInfo.category.categoryName', '-') || '-' }}
{{ $t('entities.domainDetail.categoryGroup') }}
{{ $_.get(basicInfo, 'domainInfo.category.categoryGroup', '-') || '-' }}
{{ $t('entities.reputationLevel') }}
{{ reputationLevel(basicInfo.domainInfo.category.reputationLevel) || '-' }}
-
APP
{{ $_.get(basicInfo, 'appInfo.category.appName', '-') || '-' }}
APP {{ $t('entities.category') }}
{{ $_.get(basicInfo, 'appInfo.category.appCategory', '-') || '-' }}
APP {{ $t('entities.subcategory') }}
{{ $_.get(basicInfo, 'appInfo.category.appSubcategory', '-') || '-' }}
{{ $t('overall.appRisk') }}
{{ appRisk(basicInfo.appInfo.category.appRisk) || '-' }}
-
<!-- Malware context attached to the detection: name, alias, and the MITRE ATT&CK description, platforms, techniques and groups stored under detection.malware, plus a reference. -->
<!-- NOTE(review): mitreAttackPlatforms and reference are read as detection.malware.* without $_.get, unlike the other malware fields. The '-' line after each suggests a fallback branch selected by markup not visible here. Confirm that the branch condition also covers detection.malware being absent. -->
<!-- NOTE(review): as shown, the reference is emitted as escaped text. If the surrounding markup also binds it to a link target, restrict it to http and https URLs before doing so. -->
{{ $t('detections.malware') }}
{{ $_.get(detection, 'malware.malwareName', '-') || '-' }}
{{ $t('detections.malwareAlias') }}
{{ $_.get(detection, 'malware.malwareAlias', '-') || '-' }}
{{ $t('detections.malwareDescription') }}
{{ $_.get(detection, 'malware.mitreAttackDescription', '-') || '-' }}
{{ $t('detections.malwarePlatforms') }}
{{ detection.malware.mitreAttackPlatforms }}
-
{{ $t('detections.malwareTechniques') }}
{{ $_.get(detection, 'malware.mitreAttackTechniques', '-') || '-' }}
{{ $t('detections.malwareGroups') }}
{{ $_.get(detection, 'malware.mitreAttackGroups', '-') || '-' }}
{{ $t('detections.reference') }}
{{ detection.malware.reference }}
-
<!-- Anonymity-network node details read from detection.darkweb: node type, Tor relay attributes, I2P router attributes, MTProxy secret and port, obfs4 bridge parameters and the snowflake port. -->
<!-- NOTE(review): every value uses "$_.get(..., '-') || '-'", so any falsy value is shown as '-'. If the ports or obfs4IatMode arrive as numbers, a legitimate 0 (for example a relay with no directory port, or iat-mode 0) is displayed as if the field were missing. Confirm the data types, or test for null/undefined instead. -->
<!-- NOTE(review): "Tor ORPort", "Tor DirPort", "I2P Hash" and "MTProxy Secret" are literal labels, while the other labels in this group are looked up through $t. -->
{{ $t('detection.nodeTypeLower') }}
{{ $_.get(detection, 'darkweb.nodeType', '-') || '-' }}
{{ $t('detection.tor.torFingerprint') }}
{{ $_.get(detection, 'darkweb.torFingerprint', '-') || '-' }}
{{ $t('detection.tor.torFlags') }}
{{ $_.get(detection, 'darkweb.torFlags', '-') || '-' }}
{{ $t('detection.tor.torVersion') }}
{{ $_.get(detection, 'darkweb.torVersion', '-') || '-' }}
Tor ORPort
{{ $_.get(detection, 'darkweb.torOrPort', '-') || '-' }}
Tor DirPort
{{ $_.get(detection, 'darkweb.torDirPort', '-') || '-' }}
I2P Hash
{{ $_.get(detection, 'darkweb.i2pHash', '-') || '-' }}
{{ $t('detection.tor.i2pVersion') }}
{{ $_.get(detection, 'darkweb.i2pVersion', '-') || '-' }}
{{ $t('detection.tor.i2pBandwidth') }}
{{ $_.get(detection, 'darkweb.i2pBandwidth', '-') || '-' }}
MTProxy Secret
{{ $_.get(detection, 'darkweb.mtproxySecret', '-') || '-' }}
{{ $t('detection.tor.mtproxyPort') }}
{{ $_.get(detection, 'darkweb.mtproxyPort', '-') || '-' }}
{{ $t('detection.tor.obfs4Fingerprint') }}
{{ $_.get(detection, 'darkweb.obfs4Fingerprint', '-') || '-' }}
{{ $t('detection.tor.obfs4Cert') }}
{{ $_.get(detection, 'darkweb.obfs4Cert', '-') || '-' }}
{{ $t('detection.tor.obfs4IatMode') }}
{{ $_.get(detection, 'darkweb.obfs4IatMode', '-') || '-' }}
{{ $t('detection.tor.obfs4Port') }}
{{ $_.get(detection, 'darkweb.obfs4Port', '-') || '-' }}
{{ $t('detection.tor.snowflakePort') }}
{{ $_.get(detection, 'darkweb.snowflakePort', '-') || '-' }}
<!-- Provenance of the match: the library entry (eventInfoObj.knowledge_id and eventInfoObj.name), the indicator type and value that matched, and the id and name of the rule from basicInfo.ruleInfo. -->
<!-- The IoC value is rendered as escaped text. It is presumably attacker-influenced (for example a domain or URL), so it should stay in text interpolation and never be bound as raw HTML. -->
{{ $t('detection.libraryId') }}
{{ $_.get(detection, 'eventInfoObj.knowledge_id', '-') || '-' }}
{{ $t('detection.libraryName') }}
{{ $_.get(detection, 'eventInfoObj.name', '-') || '-' }}
{{ $t('detection.iocType') }}
{{ $_.get(detection, 'eventInfoObj.ioc_type', '-') || '-' }}
{{ $t('detection.iocValue') }}
{{ $_.get(detection, 'eventInfoObj.ioc_value', '-') || '-' }}
{{ $t('detection.policyId') }}
{{ $_.get(basicInfo, 'ruleInfo.ruleId', '-') || '-' }}
{{ $t('detection.policyName') }}
{{ $_.get(basicInfo, 'ruleInfo.name', '-') || '-' }}
<!-- Pivot labels for the victim IP, the offender IP and the domain, followed by the related-detections list showing formatT0(event), severity, event type and start time per entry. -->
<!-- NOTE(review): these three values have no '-' fallback, so an absent victimIp, offenderIp or domain renders as empty text. Presumably the surrounding markup hides the entry in that case. Confirm. -->
<!-- NOTE(review): "event" is not defined in the visible lines; presumably it is the loop variable of a list rendered by markup outside this view. -->
<!-- NOTE(review): the start time here goes through parseInt without a radix before dateFormatByAppearance, while the detection start time in the field list is passed unconverted; event.startTime presumably arrives as a string. If it can be missing, parseInt yields NaN, so check how dateFormatByAppearance handles that. -->
{{ $t('detections.goToVictim') }}
{{ $t('detections.viewDetailOf') }}
{{ detection.victimIp }}
{{ $t('detections.goToOffender') }}
{{ $t('detections.viewDetailOf') }}
{{ detection.offenderIp }}
{{ detection.domain }}
{{ $t('detections.relatedDetections') }}
{{ formatT0(event) }}
{{ event.severity }}
{{ event.eventType }}
{{ dateFormatByAppearance(parseInt(event.startTime)) }}