Palo Alto Networks · Schema

Alert

A Cortex XDR alert representing a single detection event.

Cloud Security, Cybersecurity, Firewall, Network Security, SASE, SOAR, Threat Intelligence, XDR

Properties

| Name | Type | Description |
|---|---|---|
| alert_id | string | |
| detection_timestamp | integer | Detection timestamp as Unix epoch milliseconds. |
| name | string | Alert name or rule name that triggered this alert. |
| category | string | Alert category (e.g., Malware, Exploit, Lateral Movement). |
| description | string | |
| host_ip | array | |
| host_name | string | |
| user_name | string | |
| mac | array | |
| source | string | Data source that generated the alert. |
| action | string | Action taken on the alert. |
| action_pretty | string | |
| severity | string | |
| matching_status | string | |
| alert_type | string | |
| resolution_status | string | |
| resolution_comment | string | |