This view provides detailed W5 information (such as process and machine details) about generated events (alerts).
When Lacework generates an event (alert), it returns a row in the Alert_DETAILS_V view with information about the event.
Each row contains file information as listed in the columns.
|Column Name||Data Type||Description|
|START_TIME||Timestamp||The time and date when the hourly aggregation time period starts.|
|END_TIME||Timestamp||The time and date when the hourly aggregation time period ends.|
|EVENT_TYPE||Text||The type/title of the alert.|
|EVENT_ID||Number||The unique identifier generated for this Event by Lacework.|
|EVENT_MODEL||Text||The data model used for generating the alert.|
|EVENT_ACTOR||Text||The event actor that categorizes the type of an alert such as application, process, files, etc.|
|ENTITY_MAP||JSON Object||The entity map lists all the entities of the alert which are further classified in KEYS AND PROPS.|
The ALERT_DETAILS_V view does not currently include agent alerts. This feature will be added in an upcoming platform release.