You need details about key data fields and sensor events which you may expect to find from Hosts running the Falcon sensor. Which documentation should you access?
You need details about key data fields and sensor events which you may expect to find from Hosts running the Falcon sensor. Which documentation should you access?
To find details about key data fields and sensor events from Hosts running the Falcon sensor, you should refer to the Events Data Dictionary. This document provides a comprehensive reference of all sensor and non-sensor events, detailing the available data fields, making it the appropriate resource for the required information.
A. Events Data Dictionary Document : Falcon Documentation > Event Investigation > Events > Events Full Reference (Events Data Dictionary) This reference contains all sensor and non-sensor events and their available documentation in one location.