SchemaSpy Analysis of sem5.dboSymantec Endpoint Protection Manager Database Schema Generated by
SchemaSpy
Generated by SchemaSpy on Mon Oct 29 12:07 PDT 2012
Database Type: Microsoft SQL Server - 10.50.2500

XML Representation
Insertion Order Deletion Order (for database loading/purging scripts)

Table Children Parents Columns Comments
ACTUALACTION 2 Lists and defines the meanings of the antivirus remediation action integers. The action integers represent the actions that the antivirus engine can take when dealing with a threat.
ADMIN_GROUP_REFRESH_INFO 3
ADMIN_GROUPS 3
ADMINUSER 6 A list of reporting administrators.
AGENT_BEHAVIOR_LOG_1 45 Keeps client activities that occur in agents.
AGENT_BEHAVIOR_LOG_2 45 Keeps client activities that occur in agents. The LOG_IDX field serves as the table's unique identifier, but it is not formally classified as the table's primary key. This field has an index on it, but it is not the primary key index. This table has no primary key.
AGENT_PACKET_LOG_1 35 Keeps packet traffic that occur in agents
AGENT_PACKET_LOG_2 35 Keeps packet traffic that occur in agents
AGENT_SECURITY_LOG_1 53 Keeps security events that occur in agents
AGENT_SECURITY_LOG_2 53 Keeps security events that occur in agents
AGENT_SYSTEM_LOG_1 27 Keeps system traffic that occur in agents
AGENT_SYSTEM_LOG_2 27 Keeps system traffic that occur in agents
AGENT_TRAFFIC_LOG_1 45 Keeps network traffic that occur in agents
AGENT_TRAFFIC_LOG_2 45 Keeps network traffic that occur in agents
AGENTCONFIG 7 Not used.
AGENTSTATUS 11 The status of SEPM server tasks.
ALERTFILTER 25 The administrator-defined filters for the notification log.
ALERTMSG 2 Lists and defines the meanings of the events possible for the Risk and Proactive Threat Protection (TruScan) Log
ALERTS 33 Keeps the risk and Proactive Threat Protection (TruScan) events
ANOMALYDETECTION 8 Keeps the antivirus detection events
ANOMALYDETECTIONOPERATION 2 Lists and defines what a detection can possible find
ANOMALYDETECTIONS 8 Keeps the client to detection event mappings
ANOMALYDETECTIONTYPE 2 Lists and defines the kinds of objects that detections work on
ANOMALYREMEDIATION 8 Keeps the antivirus remediation events
ANOMALYREMEDIATIONOPERATION 2 Lists and defines what a remediation can possibly do
ANOMALYREMEDIATIONS 8 Keeps the client to remediation event mappings
ANOMALYREMEDIATIONTYPE 2 Lists and defines the kinds of objects that remediations work on
AUDIT_REPORT 21 Keeps the administrator-defined filters for the Audit log
BASIC_METADATA 22 Keeps policy and various server settings
BEHAVIOR_REPORT 30 Keeps the administrator-defined filters for the Application Control log
BINARY_FILE 17 Keeps all binary files
COMMAND 21 Keeps the Command status for agents
COMMAND_REPORT 19 Keeps the administrator-defined filters for the Command details log
COMPLIANCE_REPORT 37 Keeps the administrator-defined filters for the Device Control log, the NTP Attacks log, and all the Compliance logs
COMPUTER_APPLICATION 21 Keeps all applications used in agents
CONNECTION_TEST 1 For internal use to check if the database connection is health.
DATA_HANDLER 7 Keeps the list of registered log handlers
DUMMY 0 Dummy table for internal use
ENFORCER_CLIENT_LOG_1 30 Keeps client activities that occur in Enforcers
ENFORCER_CLIENT_LOG_2 30 Keeps client activities that occur in Enforcers
ENFORCER_SYSTEM_LOG_1 18 Keeps client system activities that occur in Enforcers
ENFORCER_SYSTEM_LOG_2 18 Keeps client system activities that occur in Enforcers
ENFORCER_TRAFFIC_LOG_1 30 Keeps client traffic activities that occur in Enforcers
ENFORCER_TRAFFIC_LOG_2 30 Keeps client traffic activities that occur in Enforcers
FIREWALL_REPORT 32 Keeps the administrator-defined filters for the NTP Traffic and Packets logs
GROUP_HI_STATUS 3 Specify the host integrated feature is enabled or not
GROUP_LAN_SENSOR 4
GUIPARMS 6 Keeps parameters used in the console GUI
GUP_LIST 7 Keeps the list for Group Update Provider (GUP)
HISTORY 6 Keeps data snapshots used in reporting
HISTORYCONFIG 18 Keeps scheduled report configuration information
HOMEPAGECONFIG 7 Keeps administrator-specific preferences
HPP_ALERTS 18 Keeps Proactive Threat Protection (TruScan) event information
HPP_APPLICATION 14 Keeps applications detected by TruScan
HYPERVISOR_PATTERN 4 Keeps the information to identify virtual platform vendors
HYPERVISOR_VENDOR 2 Keeps virtual platform vendors names
IDENTITY_MAP 13 Keeps mapping of object ID and its name
INVENTORYCURRENTRISK 0 Keeps the client to infected threat events mapping
INVENTORYCURRENTRISK1 13 Keeps the client to infected threat events mapping
INVENTORYCURRENTVIRUS 0 Keeps the client to infected virus events mapping
INVENTORYREPORT 51 Keeps the administrator-defined filters for the Computer Status log
LAN_DEVICE_DETECTED 20 Keeps LAN devices info detected by LAN sensors
LAN_DEVICE_EXCLUDED 19 Keeps known LAN devices info
LEGACY_AGENT 18 Keeps legacy agent information
LICENSE 22 Keeps the license information
LICENSE_CHAIN 11 Keeps the license chain information
LOCAL_METADATA 13 Keeps various local settings
LOG_CONFIG 15 Keeps logs settings for switching log tables
NETWORK_SCAN 0 Keeps temporary data for network scan
NETWORK_SCAN_RESULT 0 Keeps temporary result data for network scan
NOTIFICATION 31 Keeps the notification events
NOTIFICATIONALERTS 12 Keeps the notification conditions
NOTIFICATIONHISTORY 6
OAUTH_ACCESS_TOKEN 8
OAUTH_CLIENT_DETAILS 12
OAUTH_REFRESH_TOKEN 6
PATTERN 11 Keeps the content versions that the clients are using
PROCESS_STATE 5 Synchronize SEPM processes
REPORTS 18 Not used.
SCANREPORT 29 Keeps the administrator-defined filters for the Scan log
SCANS 24 Keeps the antivirus scan events
SCFINVENTORY 8 Not used.
SE_GLOBAL 1 Keeps system sequence number
SEM_AGENT 89 Keeps agents information
SEM_APPLICATION 25 Keeps all applications information
SEM_CLIENT 30 Keeps clients information
SEM_COMPLIANCE_CRITERIA 13 Keeps the host compliance event details
SEM_COMPLIANCE_CRITERIA_2 13
SEM_COMPUTER 52 Keeps computers information
SEM_CONTENT 7 Keeps the client to content mapping
SEM_JOB 19 Keeps job name for Command process
SEM_OS_INFO 13 Maps the operatioing system text to its version and flavor
SEM_REPLICATION_STATE 5 Keeps the replication site and server information for USN generation
SEM_SVA 34
SEM_SVA_CLIENT 26
SEM_SVA_COMPUTER 50
SERIAL_NUMBERS 4 Internal temporary table
SERVER_ADMIN_LOG_1 21 Keeps administrator activities that occur in server
SERVER_ADMIN_LOG_2 21 Keeps administrator activities that occur in server
SERVER_CLIENT_LOG_1 20 Keeps client activities that occur in server
SERVER_CLIENT_LOG_2 20 Keeps client activities that occur in server
SERVER_ENFORCER_LOG_1 15 Keeps Enforcer activities that occur in server
SERVER_ENFORCER_LOG_2 15 Keeps Enforcer activities that occur in server
SERVER_POLICY_LOG_1 18 Keeps policy change activities that occur in server
SERVER_POLICY_LOG_2 18 Keeps policy change activities that occur in server
SERVER_SYSTEM_LOG_1 19 Keeps system activities that occur in server
SERVER_SYSTEM_LOG_2 19 Keeps system activities that occur in server
SYSTEM_REPORT 31 Keeps the administrator-defined filters for the System logs
SYSTEM_STATE 17 Keeps administrator and site health status information
THREATREPORT 47 Keeps the administrator-defined filters for the Risk and TruScan logs
V_AGENT_BEHAVIOR_LOG 46 Query client activities for agents
V_AGENT_PACKET_LOG 37 Query packet traffic events for agents
V_AGENT_SECURITY_LOG 55 Query security events for agents
V_AGENT_SYSTEM_LOG 27 Query system events for agents
V_AGENT_TRAFFIC_LOG 47 Query traffic events for agents
V_ALERTS 34 Query risk and TruScan events with human-readable IP address information
V_CLIENT_CHANGE_LOG 13 Query client change events
V_DOMAINS 13 Query domain information
V_ENFORCER_CLIENT_LOG 30 Query client activities for Enforcers
V_ENFORCER_SYSTEM_LOG 18 Query system activities for Enforcers
V_ENFORCER_TRAFFIC_LOG 32 Query traffic activities for Enforcers
V_GROUPS 13 Query groups information
V_IPS 7 Query IPS content component
V_LAN_DEVICE_DETECTED 21 Query detected devices with human-readable IP address information
V_LAN_DEVICE_EXCLUDED 23 Query known devices with human-readable IP address information
V_MR_CLEAN 5 Query the content component for MR Clean feature
V_NETWORK_SCAN_RESULT 0 Query network scan results with human-readable IP address information
V_SECURITY_VIEW 10 Query cross-technology security events
V_SEM_COMPUTER 69 Query computer information with human-readable IP address information
V_SEM_CONTENT 7 Query content revision information for clients
V_SERVER_ADMIN_LOG 21 Query administrator activities for servers
V_SERVER_CLIENT_LOG 21 Query client activities for servers
V_SERVER_ENFORCER_LOG 15 Query Enforcer activities for servers
V_SERVER_POLICY_LOG 18 Query policy change activities for servers
V_SERVER_SYSTEM_LOG 19 Query system activities for servers
V_SERVERS 13 Query servers information
V_SONAR 5 Query the V_SONAR content component.
V_VIRUS 22 Query virus information
VERSION 4 Keeps the schema version information
VIRUS 23 Keeps the list of threats found in the network
VIRUSCATEGORY 8 Lists and defines all possible kinds of threats
         
141 Tables     2,718  
0 Views     0