Free-Form Filters And Correlation Rules - Novell SENTINEL RAPID DEPLOYMENT 6.1 - REFERENCE GUIDE 06-15-2009 Reference Manual


Each field is associated with a specific data type, which corresponds to the data type in the database:
string: limited to 255 characters (unless otherwise specified)
integer: 32-bit signed integer
UUID: 36-character (with hyphens) or 32-character (without hyphens) hexadecimal string in the format XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX (for example, 6A5349DA-7CBF-1028-9795-000BCDFFF482)
date: Collector Variable must be set with the date as the number of milliseconds from January 1, 1970 00:00:00 GMT. When displayed in Sentinel Control Center, meta-tags of type date are displayed in a regular date format.
IPv4: IP address in dotted decimal notation (that is, xxx.xxx.xxx.xxx)
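
The data type constraints listed above can be checked before a value is assigned to an event field. The following is an added example, not code from the Sentinel documentation or the Collector API; the function names, field names and sample record are hypothetical and constructed for illustration.

```javascript
// Added example: validators for the five field data types listed above.
// All names here are hypothetical; none of this is the Sentinel Collector API.
const UUID_HYPHENATED = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i;
const UUID_COMPACT = /^[0-9a-f]{32}$/i;

const validators = {
  // string: at most 255 characters unless the field specifies otherwise
  string: (v, maxLen = 255) => typeof v === "string" && v.length <= maxLen,
  // integer: must fit in a 32-bit signed integer
  integer: (v) => Number.isInteger(v) && v >= -2147483648 && v <= 2147483647,
  // UUID: 36 characters with hyphens or 32 without, hexadecimal only
  uuid: (v) => typeof v === "string" && (UUID_HYPHENATED.test(v) || UUID_COMPACT.test(v)),
  // date: a whole number of milliseconds from January 1, 1970 00:00:00 GMT
  date: (v) => Number.isInteger(v),
  // IPv4: four decimal octets, each in the range 0-255
  ipv4: (v) => {
    if (typeof v !== "string") return false;
    const parts = v.split(".");
    return parts.length === 4 && parts.every((p) => /^\d{1,3}$/.test(p) && Number(p) <= 255);
  },
};

// Convert a parsed timestamp string to the numeric form the date type requires.
function toEpochMillis(isoString) {
  const ms = Date.parse(isoString);
  if (Number.isNaN(ms)) throw new Error("unparseable timestamp: " + isoString);
  return ms;
}

// Check a record against a schema of {fieldName: typeName}; return the failures.
function validateEvent(event, schema) {
  const errors = [];
  for (const [field, type] of Object.entries(schema)) {
    if (!(field in event)) continue; // unset fields are not checked
    if (!validators[type](event[field])) errors.push(`${field}: not a valid ${type}`);
  }
  return errors;
}

// Constructed sample record and schema (field names are illustrative only).
const sampleSchema = { msg: "string", count: "integer", id: "uuid", when: "date", src: "ipv4" };
const sampleEvent = {
  msg: "login failed",
  count: 3,
  id: "6A5349DA-7CBF-1028-9795-000BCDFFF482",
  when: toEpochMillis("2009-06-15T00:00:00Z"),
  src: "10.0.0.256", // deliberately invalid: last octet is out of range
};
console.log(validateEvent(sampleEvent, sampleSchema));
```

Rejecting a malformed value at parse time keeps a bad source address or timestamp from reaching the database, where it would silently fail to match filters and correlation rules written against that field.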
This section has the following information:
Section 1.1.1, "Free-Form Filters and Correlation Rules"
Section 1.1.2, "Actions"
Section 1.1.3, "Proprietary Collectors"
Section 1.1.4, "JavaScript Collectors"

1.1.1 Free-Form Filters and Correlation Rules

You can use either the tag or the label when you write free-form language in the Sentinel Control
Center. The Sentinel interface shows the user-friendly label.
Figure 1-1 Correlation Wizard displaying labels in drop-down and free-form language
