Earlier name/vendor
Vectra Cognito
1 - X-Series
X-Series: Detects and investigates cyberattacks across cloud, data center, and enterprise networks using AI.
To onboard such a source to Axoflow, complete the generic appliance onboarding steps.
Labels
Axoflow automatically adds the following labels to data collected from this source:
| label | value |
|---|---|
| vendor | vectra |
| product | x-series |
| service | vectra_cef, vectra_cef_account_detection, vectra_cef_audit |
| format | cef |
Sending data to Splunk
When sending the data collected from this source to Splunk, Axoflow uses the following sourcetype and index settings:
| sourcetype | index |
|---|---|
| vectra:cognito:detect | main |
| vectra:cognito:accountdetect | main |
| vectra:cognito:accountscoring | main |
| vectra:cognito:audit | main |
| vectra:cognito:campaigns | main |
| vectra:cognito:health | main |
| vectra:cognito:hostscoring | main |
| vectra:cognito:accountlockdown | main |
Sending data to Google SecOps
When sending the data collected from this source to a dynamic Google SecOps destination, Axoflow sets the following log type: VECTRA_DETECT.