AnomalyResult
Anomaly analysis report from lambda service.
Fields
| Field | Type | Description |
|---|---|---|
| anomalyProbability | Float! | The probability of the snapshot being anomalous. |
| bytesCreatedCount | Long | Total new bytes created. |
| bytesDeletedCount | Long | Total bytes deleted. |
| bytesModifiedCount | Long | Total bytes modified. |
| bytesNetChangedCount | Long | Net change in the number of bytes. For example, if 5 bytes are added and 3 bytes deleted, this field returns 2 as the number of bytes that changed. |
| cluster | Cluster! | The Rubrik cluster of the object. |
| detectionTime | DateTime! | Time when the anomaly was detected. |
| filesCreatedCount | Long | Count of new files created. |
| filesDeletedCount | Long | Count of files deleted. |
| filesModifiedCount | Long | Count of files modified. |
| id | String! | The database ID of the anomaly result. |
| isAnomaly | Boolean! | Indicates whether the snapshot is anomalous. |
| isEncrypted | Boolean | Specifies whether the snapshot is encrypted. |
| location | String! | The location of the object. |
| managedId | String! | Internal managed ID of the object. |
| objectType | ObjectTypeEnum | The type of the object. |
| previousSnapshotDate | DateTime! | The date of the previous snapshot. |
| previousSnapshotId | String! | The ID of the previous snapshot. |
| ransomwareResult | RansomwareResult | The ransomware analysis result, including encryption. |
| severity | ActivitySeverityEnum! | Severity of the anomaly. |
| snapshot | CdmSnapshot | The analyzed snapshot. |
| snapshotDate | DateTime! | The date of the snapshot. |
| snapshotFid | UUID! | The internal fid of the snapshot. |
| snapshotId | String! | The internal ID of the snapshot. |
| suspiciousFilesCount | Long | Total number of suspicious files. |
| workloadFid | UUID! | The internal fid of the object. |
| workloadId | String! | The internal ID of the object. |
| workloadName | String | The name of the object. |
Used By
Queries
- query: anomalyResults (via connection)