Views:

Review the type of data and format shared to your S3 buckets by Third-Party Integrations.

Note
Note
Sending activity data to an S3 bucket requires TrendAI Vision One™ credits. Configure the data allowance for transferring activity data and manage credit usage in Platform Usage and Credits.
Data
Output Path
Notes
Workbench alerts
/workbench/packages/customerId={CUSTOMER_ID}/pipelineId={PIPELINE_ID}/workbenchId={WORKBENCH_ID}/eventType={EVENT_TYPE}/{PACKAGE_ID}.json.gz
  • CUSTOMER_ID: Customer ID in UUID format
  • PIPELINE_ID: Back-end pipeline ID in UUID format
  • WORKBENCH_ID: Workbench ID given in the following format:
    WB-{COMPANY_ID}-{DATE}-{SERIAL_NUMBER}
    • COMPANY_ID: A unique integer for each company
    • DATE: UTC+0 in "yyyyMMDD" format
    • SERIAL_NUMBER
      : Automatically generated number for each Workbench created
  • EVENT_TYPE: Action taken or performed on the Workbench:
    • WORKBENCH_CREATED
    • WORKBENCH_UPDATED
    • WORKBENCH_FP_REMOVED
  • PACKAGE_ID: Package ID in UUID format
Observed Attack Techniques
/oat/packages/customerId={CUSTOMER_ID}/pipelineId={PIPELINE_ID}/dateHour={DATE_HOUR}/{PACKAGE_ID}.json.gz
  • CUSTOMER_ID: Customer ID in UUID format
  • PIPELINE_ID: Back-end pipeline ID in UUID format
  • DATE_HOUR: UTC+0 in "yyyyMMDDHH" format
  • PACKAGE_ID: Package ID in UUID format
Activity
/activity/packages/customerId={CUSTOMER_ID}/pipelineId={PIPELINE_ID}/dateHour={DATE_HOUR}/{PACKAGE_ID}.json.gz
Detections
/detection/packages/customerId={CUSTOMER_ID}/pipelineId={PIPELINE_ID}/dateHour={DATE_HOUR}/{PACKAGE_ID}.json.gz
Container vulnerabilities
/containerVulnerability/packages/customerId={CUSTOMER_ID}/pipelineId={PIPELINE_ID}/{PACKAGE_ID}.json.gz