This view is available with Lacework data share v.1 and later.
This view provides raw historic data about generated events (alerts). The Alerts_V View provides metadata about the alert (including severity). For comprehensive details about the alert, see ALERTS_DETAILS_V View.
This view is not supported with S3 Data Exporting.
When Lacework generates an event (alert), it returns a row in the Alerts_V view with information about the event.
Each row contains file information as listed in the columns.
|Column Name||Data Type||Description|
|ID||Number||The unique identifier generated for this Event by Lacework.|
|EVENT_TYPE||Text||The type/title of the alert.|
|SEVERITY||Number||Severity of the alert.|
|START_TIME||Timestamp||The time and date when the hourly aggregation time period starts.|
|END_TIME||Timestamp||The time and date when the hourly aggregation time period ends.|
|EVENT_CLASS||Text||The alert actor that the alert is associated with.|
|EVENT_PROPERTIES||VARIANT||The entities involved in the alert.|