How to understand relationship of virus information between SEPM and SSIM

book

Article ID: 180465

calendar_today

Updated On:

Products

Security Information Manager

Issue/Introduction

 

Resolution

As we know , there are many customers who use SSIM to collect events from SEPM, but how to understand the relationship between  Event_ID , Virus_Type_ID of SSIM  and Virus Type of SEPM.  Please refer to the following form:

SEPM SSIM
Virus Type Vius Type ID Event ID
0 = Viral 1237000 122000
1 = Non-Viral malicious 1237002 122001
2 = Malicious 1237001 122000
3 = Antivirus - Heuristic 1237003 122000
4 = Security risk 1237003 122001
5 = Hack tool 1237004 122001
6 = Spyware 1237005 122001
7 = Trackware 1237011 122001
8 = Dialer 1237006 122001
9 = Remote access 1237007 122001
10 = Adware 1237008 122001
11 = Jokeware 1237009 122001
12 = Client compliancy 1237010 122001
13 = Generic load point 1237010 122001
14 = Proactive Threat Scan - Heuristic 1237003 122001
15 = Cookie 1237003 122001