Contents x
    Platform
    • 28 Apr 2023
    • 1 Minute to read
    • Contributors
    • Print
    • Dark
      Light
    Contents

    Platform

    • Updated on 28 Apr 2023
    • 1 Minute to read
    • Contributors
    • Print
    • Dark
      Light
    Article Summary

    ACK_MESSAGES

    Acknowledge messages event is used by some LimaCharlie sensors (e.g. USP). It is not used by the EDR.

    BACKOFF

    Used for flow control. Provides a number of seconds that the sensor should wait before sending events to the cloud.

    DATA_DROPPED

    This event is generated by the sensor when it has been offline and the events generated overflowed its internal buffer before they could be sent to the cloud, resulting in dropped events.

    RUN

    Emitted after a run command has been issued (e.g. to run a payload, shell command, etc.)

    SELF_TEST_RESULT

    Internal event used during a power-on-self-test (POST) of the sensor.

    SET_PERFORMANCE_MODE

    Enables performance mode in the kernel (e.g. disables file tracking on Windows).

    SYNC

    Internal event used as a heartbeat to the cloud. Sent by default every 10 minutes.

    UNLOAD_KERNEL

    Allows manual unloading of kernel component.

    UPDATE

    Internal event used to update the configuration of a specific collector within the endpoint.

    Was this article helpful?
    What's Next