Expand all | Collapse all
General Artifacts
The following table provides field names and related
information for general artifacts.
| Artifact Type as
it Appears on AutoFocus Web Portal | | Acceptable Values
and Examples |
| | | Domain seen within DNS Activity, HTTP Activity,
or File URL. |
| | | Email address seen within email recipient
address or email sender address. |
| | | Valid filename as detected within a session
or File Activity field. |
| | | Valid SHA256, SHA1, or MD5 hash eb4559d2debb5de11b3a90536ef36709de394b91c1e9a981e4987c4c02036b52 |
| | | A IP address as it appears in connection activity,
DNS activity, or HTTP activity. |
| | | Valid AutoFocus tag alias. |
| | | Malicious Behavior: malicious_behavior |
| | | Valid AutoFocus tag group. |
| | | Valid File URL or URL as detected in HTTP activity. |
| | | Valid browser user agent as detected in HTTP
Activity or User Agent Fragments. |