CB ThreatHunter: What is the structure of a Watchlist Alert ID?

Article ID: 291976

Products

Carbon Black Cloud Enterprise EDR (formerly Cb Threathunter)

Issue/Introduction

What is the structure of a Watchlist Alert ID?

Environment

  • CB ThreatHunter Web Console: All Versions

Resolution

A Watchlist Alert ID has three main components:

Process GUID
  • {ORG_KEY}-00e23c7b-000013b4-00000000-1d5df61ab230d55
Report ID
  • CFnKBKLTv6hUkBGFobRdg-565577
IOC ID
  • 565577-0
Combined, the three main components above form the following structure:
  • Alert ID: {ORG_KEY}-00e23c7b-000013b4-00000000-1d5df61ab230d55-CFnKBKLTv6hUkBGFobRdg-565577
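
When triaging, it helps to split an Alert ID back into its process GUID and report ID so that several watchlist hits on the same process can be grouped. The following is an added example, not Carbon Black code: the regular expression is inferred from the single sample above (an org key without hyphens, then four hex groups, then the report ID), and `ORGKEY01`, the second report ID and the function names are constructed for illustration.

```python
import re
from collections import defaultdict

# Layout inferred from the single sample in this article (assumption, not a
# vendor specification): <org_key>-<8 hex>-<8 hex>-<8 hex>-<hex>-<report_id>
ALERT_ID_RE = re.compile(
    r"^(?P<process_guid>(?P<org_key>[^-]+)"
    r"(?:-[0-9a-fA-F]{8}){3}-[0-9a-fA-F]+)"
    r"-(?P<report_id>.+)$"
)


def parse_alert_id(alert_id):
    """Split a watchlist alert ID into org key, process GUID and report ID."""
    match = ALERT_ID_RE.match(alert_id.strip())
    if match is None:
        raise ValueError(f"not a watchlist alert ID: {alert_id!r}")
    return match.groupdict()


def group_by_process(alert_ids):
    """Map each process GUID to the report IDs that fired on it.

    Returns (groups, rejected); rejected holds IDs that did not parse, so a
    format change shows up instead of being silently dropped.
    """
    groups, rejected = defaultdict(list), []
    for alert_id in alert_ids:
        try:
            parts = parse_alert_id(alert_id)
        except ValueError:
            rejected.append(alert_id)
            continue
        groups[parts["process_guid"]].append(parts["report_id"])
    return dict(groups), rejected


# Constructed input: ORGKEY01 stands in for {ORG_KEY}; the second report ID
# is made up for the example.
GUID = "ORGKEY01-00e23c7b-000013b4-00000000-1d5df61ab230d55"
SAMPLE_ALERTS = [
    GUID + "-CFnKBKLTv6hUkBGFobRdg-565577",
    GUID + "-ExampleReportId0000000-100001",
    "malformed-alert-id",
]

if __name__ == "__main__":
    print(group_by_process(SAMPLE_ALERTS))
```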