Skip to content

ANOMALY

anomaly

AnomalyResolved

${user} resolved anomaly for snapshot taken on ${snapshotDate} of ${snappableType} '${snappableName}'.
Severity Status Audit Event
Info Success Yes

AnomalyResolvedAndFalsePositiveReported

${user} resolved and reported anomaly as a false positive for snapshot taken on ${snapshotDate} of ${snappableType} '${snappableName}'.
Severity Status Audit Event
Info Success Yes

AnomalyResolveReportedFalsePositiveAndDirectoriesSnoozed

${user} resolved and reported anomaly as a false positive for snapshot taken on ${snapshotDate} of ${snappableType} '${snappableName}'.  ${directoriesSnoozed} directories were snoozed.
Severity Status Audit Event
Info Success Yes

DirectoriesRemovedFromSnooze

${directoriesUnsnoozed} directories unsnoozed by ${user} on ${date}.
Severity Status Audit Event
Info Success Yes

EncryptionNotRunAnomalyDetectedInfo

Detected anomalous filesystem activity with ${confidence} confidence (File Change: ${filesCreatedCount} Added, ${filesModifiedCount} Modified, ${filesRemovedCount} Removed)
Severity Status Audit Event
Info Success No

EncryptionNotRunAnomalyDetectedWarning

Detected anomalous filesystem activity with ${confidence} confidence (File Change: ${filesCreatedCount} Added, ${filesModifiedCount} Modified, ${filesRemovedCount} Removed)
Severity Status Audit Event
Warning Success No

NonfilesystemAnomalyResolved

${user} resolved anomaly detected on ${detectionTime} of ${snappableType} '${snappableName}'.
Severity Status Audit Event
Info Success Yes

NonfilesystemAnomalyResolvedAndFalsePositiveReported

${user} resolved and reported anomaly as a false positive detected on ${detectionTime} of ${snappableType} '${snappableName}'.
Severity Status Audit Event
Info Success Yes

RansomwareStrainDetected

Detected potential ransomware strain \"${strainName}\" with ${confidence} and ${encryptionLevel} levels of encryption (File Change: ${filesCreatedCount} Added, ${filesModifiedCount} Modified, ${filesRemovedCount} Removed)
Severity Status Audit Event
Critical TaskSuccess No

RansomwareStrainDetectedWarning

Detected potential ransomware strain \"${strainName}\" with ${confidence} (File Change: ${filesCreatedCount} Added, ${filesModifiedCount} Modified, ${filesRemovedCount} Removed)
Severity Status Audit Event
Warning TaskSuccess No

SnappableElevatedEncryption

Detected anomalous filesystem activity with ${confidence} confidence and high levels of encryption (File Change: ${filesCreatedCount} Added, ${filesModifiedCount} Modified, ${filesRemovedCount} Removed)
Severity Status Audit Event
Critical Success No

SnappableElevatedEncryptionWithSuspiciousFilesInfo

Detected anomalous filesystem activity with ${confidence} confidence and high levels of encryption (File Change: ${filesCreatedCount} Added, ${filesModifiedCount} Modified, ${filesRemovedCount} Removed, ${filesSuspiciousCount} Suspicious)
Severity Status Audit Event
Critical Success No

SnappableHighBasicEncryption

Detected significant indication of encrypted files.
Severity Status Audit Event
Warning TaskSuccess No

SnappableLowBasicEncryption

Detected little to no indication of encrypted files.
Severity Status Audit Event
Info TaskSuccess No

SnappableLowEncryptionInfo

Detected anomalous filesystem activity with ${confidence} confidence and low levels of encryption (File Change: ${filesCreatedCount} Added, ${filesModifiedCount} Modified, ${filesRemovedCount} Removed)
Severity Status Audit Event
Info Success No

SnappableLowEncryptionWarning

Detected anomalous filesystem activity with ${confidence} confidence and low levels of encryption (File Change: ${filesCreatedCount} Added, ${filesModifiedCount} Modified, ${filesRemovedCount} Removed)
Severity Status Audit Event
Warning Success No

VMHostAnomalyDetected

Detected anomalous activity on ${snappableName} (${vmCount} Virtual Machines affected)
Severity Status Audit Event
Critical Success No

testevent

TestMinimal

This is test event.
Severity Status Audit Event
Critical Success No