elastio:local-path:iscan:unhealthy

Version: V0

Group: Local path

Iscan discovered a security threat in the path scanned.

Example:

{

      "event_id": "00000000-0000-0000-0000-000000000000",

      "event_kind": "elastio:local-path:iscan:unhealthy",

      "event_time": "2023-05-02T06:02:27Z",

      "event_version": "v0",

      "number_of_ransomware_threats": 0,

      "account_id": "000000000000",

      "cloud_connector_id": "00000000-0000-0000-0000-000000000000",

      "iscan_report_id": "00000000-0000-0000-0000-000000000000",

      "path": "/tmp/.tmpTCsgkj",

      "number_of_malware_scanned_files": 9,

      "number_of_malware_threats": 4,

      "region": "us-east-1",

      "deprecation_warning": null,

      "number_of_ransomware_scanned_files": 9

}

Fields:

• account_id

Type: string (is never empty)

Field description: AWS account ID.

• cloud_connector_id

Type: uuid

Field description: ID of the Cloud Connector the event took place in.

• region

Type: string (is never empty)

Field description: AWS region of the asset.

• path

Type: string (is never empty)

Field description: Local path where vulnerability was discovered.

• iscan_report_id

Type: uuid

Field description: Iscan report ID.

• number_of_malware_scanned_files

Type: unsigned_integer, can be null

Field description: Total number of files scanned for malware.

• number_of_ransomware_scanned_files

Type: unsigned_integer, can be null

Field description: Total number of files scanned for ransomware.

• number_of_malware_threats

Type: unsigned_integer, can be null

Field description: Total number of malware infected files found on the volume.

• number_of_ransomware_threats

Type: unsigned_integer, can be null

Field description: Total number of ransomware infected files found on the volume.