Guides

Objects

Suggest Edits

Objects are compound, reusable collections of attributes. They are similar to events in that they have attributes, but objects are attributes.

For instance, the DNS Activity event has attributes named Source Endpoint and Destination Endpoint. Both of these attributes are Network Endpoint objects – a compound data type that can represent most network-attached devices with attributes like IP Address and MAC Address.

Some key objects include User, File, and Device. See the Objects section for a complete list.

Updated about 1 month ago