SchemaSpy Analysis of sem5.dboSymantec Endpoint Protection Manager Database Schema | Generated by SchemaSpy |
Generated by SchemaSpy on Mon Oct 29 12:07 PDT 2012 | |
Database Type: Microsoft SQL Server - 10.50.2500 |
|
XML Representation Insertion Order Deletion Order (for database loading/purging scripts) |
Table | Children | Parents | Columns | Comments |
---|---|---|---|---|
ACTUALACTION | 2 | Lists and defines the meanings of the antivirus remediation action integers. The action integers represent the actions that the antivirus engine can take when dealing with a threat. | ||
ADMIN_GROUP_REFRESH_INFO | 3 | |||
ADMIN_GROUPS | 3 | |||
ADMINUSER | 6 | A list of reporting administrators. | ||
AGENT_BEHAVIOR_LOG_1 | 45 | Keeps client activities that occur in agents. | ||
AGENT_BEHAVIOR_LOG_2 | 45 | Keeps client activities that occur in agents. The LOG_IDX field serves as the table's unique identifier, but it is not formally classified as the table's primary key. This field has an index on it, but it is not the primary key index. This table has no primary key. | ||
AGENT_PACKET_LOG_1 | 35 | Keeps packet traffic that occur in agents | ||
AGENT_PACKET_LOG_2 | 35 | Keeps packet traffic that occur in agents | ||
AGENT_SECURITY_LOG_1 | 53 | Keeps security events that occur in agents | ||
AGENT_SECURITY_LOG_2 | 53 | Keeps security events that occur in agents | ||
AGENT_SYSTEM_LOG_1 | 27 | Keeps system traffic that occur in agents | ||
AGENT_SYSTEM_LOG_2 | 27 | Keeps system traffic that occur in agents | ||
AGENT_TRAFFIC_LOG_1 | 45 | Keeps network traffic that occur in agents | ||
AGENT_TRAFFIC_LOG_2 | 45 | Keeps network traffic that occur in agents | ||
AGENTCONFIG | 7 | Not used. | ||
AGENTSTATUS | 11 | The status of SEPM server tasks. | ||
ALERTFILTER | 25 | The administrator-defined filters for the notification log. | ||
ALERTMSG | 2 | Lists and defines the meanings of the events possible for the Risk and Proactive Threat Protection (TruScan) Log | ||
ALERTS | 33 | Keeps the risk and Proactive Threat Protection (TruScan) events | ||
ANOMALYDETECTION | 8 | Keeps the antivirus detection events | ||
ANOMALYDETECTIONOPERATION | 2 | Lists and defines what a detection can possible find | ||
ANOMALYDETECTIONS | 8 | Keeps the client to detection event mappings | ||
ANOMALYDETECTIONTYPE | 2 | Lists and defines the kinds of objects that detections work on | ||
ANOMALYREMEDIATION | 8 | Keeps the antivirus remediation events | ||
ANOMALYREMEDIATIONOPERATION | 2 | Lists and defines what a remediation can possibly do | ||
ANOMALYREMEDIATIONS | 8 | Keeps the client to remediation event mappings | ||
ANOMALYREMEDIATIONTYPE | 2 | Lists and defines the kinds of objects that remediations work on | ||
AUDIT_REPORT | 21 | Keeps the administrator-defined filters for the Audit log | ||
BASIC_METADATA | 22 | Keeps policy and various server settings | ||
BEHAVIOR_REPORT | 30 | Keeps the administrator-defined filters for the Application Control log | ||
BINARY_FILE | 17 | Keeps all binary files | ||
COMMAND | 21 | Keeps the Command status for agents | ||
COMMAND_REPORT | 19 | Keeps the administrator-defined filters for the Command details log | ||
COMPLIANCE_REPORT | 37 | Keeps the administrator-defined filters for the Device Control log, the NTP Attacks log, and all the Compliance logs | ||
COMPUTER_APPLICATION | 21 | Keeps all applications used in agents | ||
CONNECTION_TEST | 1 | For internal use to check if the database connection is health. | ||
DATA_HANDLER | 7 | Keeps the list of registered log handlers | ||
DUMMY | 0 | Dummy table for internal use | ||
ENFORCER_CLIENT_LOG_1 | 30 | Keeps client activities that occur in Enforcers | ||
ENFORCER_CLIENT_LOG_2 | 30 | Keeps client activities that occur in Enforcers | ||
ENFORCER_SYSTEM_LOG_1 | 18 | Keeps client system activities that occur in Enforcers | ||
ENFORCER_SYSTEM_LOG_2 | 18 | Keeps client system activities that occur in Enforcers | ||
ENFORCER_TRAFFIC_LOG_1 | 30 | Keeps client traffic activities that occur in Enforcers | ||
ENFORCER_TRAFFIC_LOG_2 | 30 | Keeps client traffic activities that occur in Enforcers | ||
FIREWALL_REPORT | 32 | Keeps the administrator-defined filters for the NTP Traffic and Packets logs | ||
GROUP_HI_STATUS | 3 | Specify the host integrated feature is enabled or not | ||
GROUP_LAN_SENSOR | 4 | |||
GUIPARMS | 6 | Keeps parameters used in the console GUI | ||
GUP_LIST | 7 | Keeps the list for Group Update Provider (GUP) | ||
HISTORY | 6 | Keeps data snapshots used in reporting | ||
HISTORYCONFIG | 18 | Keeps scheduled report configuration information | ||
HOMEPAGECONFIG | 7 | Keeps administrator-specific preferences | ||
HPP_ALERTS | 18 | Keeps Proactive Threat Protection (TruScan) event information | ||
HPP_APPLICATION | 14 | Keeps applications detected by TruScan | ||
HYPERVISOR_PATTERN | 4 | Keeps the information to identify virtual platform vendors | ||
HYPERVISOR_VENDOR | 2 | Keeps virtual platform vendors names | ||
IDENTITY_MAP | 13 | Keeps mapping of object ID and its name | ||
INVENTORYCURRENTRISK | 0 | Keeps the client to infected threat events mapping | ||
INVENTORYCURRENTRISK1 | 13 | Keeps the client to infected threat events mapping | ||
INVENTORYCURRENTVIRUS | 0 | Keeps the client to infected virus events mapping | ||
INVENTORYREPORT | 51 | Keeps the administrator-defined filters for the Computer Status log | ||
LAN_DEVICE_DETECTED | 20 | Keeps LAN devices info detected by LAN sensors | ||
LAN_DEVICE_EXCLUDED | 19 | Keeps known LAN devices info | ||
LEGACY_AGENT | 18 | Keeps legacy agent information | ||
LICENSE | 22 | Keeps the license information | ||
LICENSE_CHAIN | 11 | Keeps the license chain information | ||
LOCAL_METADATA | 13 | Keeps various local settings | ||
LOG_CONFIG | 15 | Keeps logs settings for switching log tables | ||
NETWORK_SCAN | 0 | Keeps temporary data for network scan | ||
NETWORK_SCAN_RESULT | 0 | Keeps temporary result data for network scan | ||
NOTIFICATION | 31 | Keeps the notification events | ||
NOTIFICATIONALERTS | 12 | Keeps the notification conditions | ||
NOTIFICATIONHISTORY | 6 | |||
OAUTH_ACCESS_TOKEN | 8 | |||
OAUTH_CLIENT_DETAILS | 12 | |||
OAUTH_REFRESH_TOKEN | 6 | |||
PATTERN | 11 | Keeps the content versions that the clients are using | ||
PROCESS_STATE | 5 | Synchronize SEPM processes | ||
REPORTS | 18 | Not used. | ||
SCANREPORT | 29 | Keeps the administrator-defined filters for the Scan log | ||
SCANS | 24 | Keeps the antivirus scan events | ||
SCFINVENTORY | 8 | Not used. | ||
SE_GLOBAL | 1 | Keeps system sequence number | ||
SEM_AGENT | 89 | Keeps agents information | ||
SEM_APPLICATION | 25 | Keeps all applications information | ||
SEM_CLIENT | 30 | Keeps clients information | ||
SEM_COMPLIANCE_CRITERIA | 13 | Keeps the host compliance event details | ||
SEM_COMPLIANCE_CRITERIA_2 | 13 | |||
SEM_COMPUTER | 52 | Keeps computers information | ||
SEM_CONTENT | 7 | Keeps the client to content mapping | ||
SEM_JOB | 19 | Keeps job name for Command process | ||
SEM_OS_INFO | 13 | Maps the operatioing system text to its version and flavor | ||
SEM_REPLICATION_STATE | 5 | Keeps the replication site and server information for USN generation | ||
SEM_SVA | 34 | |||
SEM_SVA_CLIENT | 26 | |||
SEM_SVA_COMPUTER | 50 | |||
SERIAL_NUMBERS | 4 | Internal temporary table | ||
SERVER_ADMIN_LOG_1 | 21 | Keeps administrator activities that occur in server | ||
SERVER_ADMIN_LOG_2 | 21 | Keeps administrator activities that occur in server | ||
SERVER_CLIENT_LOG_1 | 20 | Keeps client activities that occur in server | ||
SERVER_CLIENT_LOG_2 | 20 | Keeps client activities that occur in server | ||
SERVER_ENFORCER_LOG_1 | 15 | Keeps Enforcer activities that occur in server | ||
SERVER_ENFORCER_LOG_2 | 15 | Keeps Enforcer activities that occur in server | ||
SERVER_POLICY_LOG_1 | 18 | Keeps policy change activities that occur in server | ||
SERVER_POLICY_LOG_2 | 18 | Keeps policy change activities that occur in server | ||
SERVER_SYSTEM_LOG_1 | 19 | Keeps system activities that occur in server | ||
SERVER_SYSTEM_LOG_2 | 19 | Keeps system activities that occur in server | ||
SYSTEM_REPORT | 31 | Keeps the administrator-defined filters for the System logs | ||
SYSTEM_STATE | 17 | Keeps administrator and site health status information | ||
THREATREPORT | 47 | Keeps the administrator-defined filters for the Risk and TruScan logs | ||
V_AGENT_BEHAVIOR_LOG | 46 | Query client activities for agents | ||
V_AGENT_PACKET_LOG | 37 | Query packet traffic events for agents | ||
V_AGENT_SECURITY_LOG | 55 | Query security events for agents | ||
V_AGENT_SYSTEM_LOG | 27 | Query system events for agents | ||
V_AGENT_TRAFFIC_LOG | 47 | Query traffic events for agents | ||
V_ALERTS | 34 | Query risk and TruScan events with human-readable IP address information | ||
V_CLIENT_CHANGE_LOG | 13 | Query client change events | ||
V_DOMAINS | 13 | Query domain information | ||
V_ENFORCER_CLIENT_LOG | 30 | Query client activities for Enforcers | ||
V_ENFORCER_SYSTEM_LOG | 18 | Query system activities for Enforcers | ||
V_ENFORCER_TRAFFIC_LOG | 32 | Query traffic activities for Enforcers | ||
V_GROUPS | 13 | Query groups information | ||
V_IPS | 7 | Query IPS content component | ||
V_LAN_DEVICE_DETECTED | 21 | Query detected devices with human-readable IP address information | ||
V_LAN_DEVICE_EXCLUDED | 23 | Query known devices with human-readable IP address information | ||
V_MR_CLEAN | 5 | Query the content component for MR Clean feature | ||
V_NETWORK_SCAN_RESULT | 0 | Query network scan results with human-readable IP address information | ||
V_SECURITY_VIEW | 10 | Query cross-technology security events | ||
V_SEM_COMPUTER | 69 | Query computer information with human-readable IP address information | ||
V_SEM_CONTENT | 7 | Query content revision information for clients | ||
V_SERVER_ADMIN_LOG | 21 | Query administrator activities for servers | ||
V_SERVER_CLIENT_LOG | 21 | Query client activities for servers | ||
V_SERVER_ENFORCER_LOG | 15 | Query Enforcer activities for servers | ||
V_SERVER_POLICY_LOG | 18 | Query policy change activities for servers | ||
V_SERVER_SYSTEM_LOG | 19 | Query system activities for servers | ||
V_SERVERS | 13 | Query servers information | ||
V_SONAR | 5 | Query the V_SONAR content component. | ||
V_VIRUS | 22 | Query virus information | ||
VERSION | 4 | Keeps the schema version information | ||
VIRUS | 23 | Keeps the list of threats found in the network | ||
VIRUSCATEGORY | 8 | Lists and defines all possible kinds of threats | ||
141 Tables | 2,718 | |||
0 Views | 0 |