|
client_disconnect
Abnormally terminated connections with clients.
Table fields
Field name
|
Field type
|
Description
|
uuid
|
VARCHAR(36)
|
client ID
|
type
|
INTEGER NOT NULL
|
client type, see module client-type
|
addr
|
VARCHAR(255) NOT NULL
|
client address
|
name
|
INTEGER
|
client name
|
mac
|
INTEGER
|
client MAC
|
sid
|
INTEGER
|
client SID
|
descr
|
INTEGER
|
client description
|
ldapdn
|
INTEGER
|
client LDAP DN
|
disconnat
|
NUMERIC(17) NOT NULL
|
client disconnection timestamp
|
duration
|
INTEGER NOT NULL
|
client session duration, in seconds
|
reason
|
INTEGER NOT NULL
|
disconnect reason
|
notified
|
INTEGER DEFAULT '0'
|
whether a message was sent, see module db-notified-state
|
Table indexes
Index name
|
Index type
|
Fields
|
client_disconnect_0001
|
simple table index
clustering index
|
disconnat
|
client_disconnect_0002
|
simple table index
|
uuid, addr, type
|
Table references
Field name
|
Direction
|
Referenced table field
|
descr
|
↔
|
cat_descr.id
|
ldapdn
|
↔
|
cat_ldapdn.id
|
mac
|
↔
|
cat_mac.id
|
name
|
↔
|
cat_name_stations.id
|
reason
|
↔
|
cat_reason.id
|
sid
|
↔
|
cat_sid.id
|
once_job_done
Scheduler tasks for stations executed once.
Table fields
Field name
|
Field type
|
Description
|
jid
|
VARCHAR(36) NOT NULL
|
task UUID
|
sid
|
VARCHAR(36) NOT NULL
|
ID of the station to execute the task
|
source
|
INTEGER NOT NULL
|
source type, see module hier-traverse-source
|
oid
|
VARCHAR(36) NOT NULL
|
source ID (group/policy/station)
|
created
|
NUMERIC(17) DEFAULT '0'
|
record creation time
|
Table indexes
Index name
|
Index type
|
Fields
|
once_job_done_pkey
|
table primary key
|
jid, sid, source, oid
|
station_components
Information on anti-virus components installed on stations.
Table fields
Field name
|
Field type
|
Description
|
id
|
VARCHAR(36) NOT NULL
|
station ID
|
component
|
INTEGER DEFAULT '0'
|
component number
|
instdate
|
NUMERIC(17) DEFAULT '0'
|
installation date
|
server
|
INTEGER DEFAULT '0'
|
installation Dr.Web Server, see table cat_name_stations
|
path
|
INTEGER DEFAULT '0'
|
installation path, see table cat_path
|
modtime
|
NUMERIC(17) NOT NULL
|
record modification time
|
Table indexes
Index name
|
Index type
|
Fields
|
station_components_0001
|
simple table index
clustering index
|
id
|
Table references
Field name
|
Direction
|
Referenced table field
|
id
|
→
|
stations.id
|
path
|
↔
|
cat_path.id
|
server
|
↔
|
cat_name_stations.id
|
station_env_hash
Hash list of information states about hardware and software on stations.
Table fields
Field name
|
Field type
|
Description
|
id
|
VARCHAR(36) NOT NULL
|
station ID
|
category
|
INTEGER NOT NULL
|
environment category
|
hash
|
VARCHAR(128) NOT NULL
|
environment category hash
|
createtime
|
NUMERIC(17) NOT NULL
|
record creation time
|
Table indexes
Index name
|
Index type
|
Fields
|
station_env_hash_pkey
|
table primary key
clustering index
|
id, category
|
station_env_hw
Detailed information on hardware on stations.
Table fields
Field name
|
Field type
|
Description
|
id
|
VARCHAR(36) NOT NULL
|
station ID
|
type
|
INTEGER NOT NULL
|
device type, see module st-db-env-hw
|
name
|
INTEGER NOT NULL
|
device name, reference to table env_strings
|
vendor
|
INTEGER NOT NULL
|
device vendor, reference to table env_strings
|
info1
|
NUMERIC(11) NOT NULL
|
device info, line #1
|
info2
|
NUMERIC(11) NOT NULL
|
device info, line #2
|
instance
|
INTEGER DEFAULT '0' NOT NULL
|
device sequence number
|
Table indexes
Index name
|
Index type
|
Fields
|
station_env_hw_0001
|
simple table index
clustering index
|
id
|
Table references
Field name
|
Direction
|
Referenced table field
|
id
|
←
|
station_env_hash.id
|
name
|
←
|
env_strings.id
|
vendor
|
←
|
env_strings.id
|
station_env_kb
Detailed information on Windows OS updates installed on stations.
Table fields
Field name
|
Field type
|
Description
|
id
|
VARCHAR(36) NOT NULL
|
station ID
|
name
|
INTEGER NOT NULL
|
Windows update name, reference to table env_strings
|
Table indexes
Index name
|
Index type
|
Fields
|
station_env_kb_0001
|
simple table index
clustering index
|
id
|
Table references
Field name
|
Direction
|
Referenced table field
|
id
|
←
|
station_env_hash.id
|
name
|
←
|
env_strings.id
|
station_env_sw
Detailed information on software on stations.
Table fields
Field name
|
Field type
|
Description
|
id
|
VARCHAR(36) NOT NULL
|
station ID
|
name
|
INTEGER NOT NULL
|
software name, reference to table env_strings
|
version
|
INTEGER NOT NULL
|
software version, reference to table env_strings
|
vendor
|
INTEGER NOT NULL
|
software vendor, reference to table env_strings
|
disksize
|
INTEGER NOT NULL
|
software size on disk, MB
|
Table indexes
Index name
|
Index type
|
Fields
|
station_env_sw_0001
|
simple table index
clustering index
|
id
|
Table references
Field name
|
Direction
|
Referenced table field
|
id
|
←
|
station_env_hash.id
|
name
|
←
|
env_strings.id
|
vendor
|
←
|
env_strings.id
|
version
|
←
|
env_strings.id
|
station_filesystem
Station filesystems information.
Table fields
Field name
|
Field type
|
Description
|
id
|
VARCHAR(36) NOT NULL
|
station ID
|
mountpoint
|
INTEGER DEFAULT '0' NOT NULL
|
mount point
|
volume
|
INTEGER DEFAULT '0'
|
volume
|
totalsize
|
NUMERIC(20) DEFAULT '0'
|
volume size, KiB
|
free
|
NUMERIC(20) DEFAULT '0'
|
volume free space, KiB
|
Table indexes
Index name
|
Index type
|
Fields
|
station_filesystem_pkey
|
table primary key
|
id, mountpoint
|
Table references
Field name
|
Direction
|
Referenced table field
|
id
|
→
|
stations.id
|
mountpoint
|
↔
|
cat_filesystem.id
|
volume
|
↔
|
cat_filesystem.id
|
station_logins
Information on connections of stations to Dr.Web Server.
Table fields
Field name
|
Field type
|
Description
|
id
|
VARCHAR(36) NOT NULL
|
station ID
|
machine_id
|
INTEGER DEFAULT '0' NOT NULL
|
machine UID
|
machine_mac
|
INTEGER DEFAULT '0' NOT NULL
|
machine MAC address
|
addr
|
VARCHAR(255) NOT NULL
|
network address
|
name
|
INTEGER DEFAULT '0'
|
station name
|
lastseenat
|
NUMERIC(17) DEFAULT '0'
|
time of the last connection
|
logged_in
|
INTEGER DEFAULT '0'
|
login status: 0 if failed, != 0 if OK
|
Table indexes
Index name
|
Index type
|
Fields
|
station_logins_pkey
|
table primary key
clustering index
|
id, machine_id, machine_mac, addr
|
Table references
Field name
|
Direction
|
Referenced table field
|
id
|
→
|
stations.id
|
machine_id
|
↔
|
cat_sid.id
|
machine_mac
|
↔
|
cat_mac.id
|
name
|
↔
|
cat_name_stations.id
|
station_modules
Information on anti-virus component modules installed on stations.
Table fields
Field name
|
Field type
|
Description
|
id
|
VARCHAR(36) NOT NULL
|
station ID
|
name
|
INTEGER NOT NULL
|
file name, reference to table cat_mod_name
|
owner
|
INTEGER DEFAULT '0'
|
file owner, reference to table cat_users
|
fsize
|
NUMERIC(17) DEFAULT '0'
|
file size
|
md5
|
INTEGER DEFAULT '0'
|
file MD5, reference to table cat_mod_md5
|
ctime
|
NUMERIC(17) DEFAULT '0'
|
file creation time
|
mtime
|
NUMERIC(17) DEFAULT '0'
|
file modification time
|
version
|
INTEGER DEFAULT '0'
|
module version, reference to table cat_mod_ver
|
descr
|
INTEGER DEFAULT '0'
|
module description, reference to table cat_mod_descr
|
createtime
|
NUMERIC(17) DEFAULT '0'
|
record creation time
|
Table indexes
Index name
|
Index type
|
Fields
|
station_modules_0001
|
simple table index
clustering index
|
id
|
Table references
Field name
|
Direction
|
Referenced table field
|
descr
|
↔
|
cat_mod_descr.id
|
id
|
→
|
stations.id
|
md5
|
↔
|
cat_mod_md5.id
|
name
|
↔
|
cat_mod_name.id
|
owner
|
↔
|
cat_users.id
|
version
|
↔
|
cat_mod_ver.id
|
station_netaddr
The list of network interfaces on stations.
Table fields
Field name
|
Field type
|
Description
|
id
|
VARCHAR(36) NOT NULL
|
station ID
|
ifname
|
TEXT DEFAULT ''
|
interface name
|
iffrname
|
TEXT DEFAULT ''
|
interface friendly name
|
ifdesc
|
TEXT DEFAULT ''
|
interface description
|
addr
|
TEXT DEFAULT ''
|
interface address
|
mask
|
TEXT DEFAULT ''
|
interface mask
|
mac
|
VARCHAR(128) NOT NULL
|
interface MAC address
|
modtime
|
NUMERIC(17) DEFAULT '0'
|
record modification time
|
Table indexes
Index name
|
Index type
|
Fields
|
station_netaddr_0001
|
simple table index
clustering index
|
id
|
station_netaddr_0002
|
simple table index
|
mac
|
Table references
Field name
|
Direction
|
Referenced table field
|
id
|
→
|
stations.id
|
station_netinstid
Identifiers of network installers used for Dr.Web Agent installation on stations.
Table fields
Field name
|
Field type
|
Description
|
id
|
VARCHAR(36) NOT NULL
|
station ID
|
nid
|
VARCHAR(36) DEFAULT ''
|
network installer ID
|
Table indexes
Index name
|
Index type
|
Fields
|
station_netinstid_0001
|
simple table index
clustering index
|
id
|
Table references
Field name
|
Direction
|
Referenced table field
|
id
|
→
|
stations.id
|
station_os_devgroups
Device classes on stations.
Table fields
Field name
|
Field type
|
Description
|
id
|
VARCHAR(36) NOT NULL
|
station ID
|
name
|
INTEGER DEFAULT '0'
|
group name
|
description
|
INTEGER DEFAULT '0'
|
group description
|
guid
|
VARCHAR(38) NOT NULL
|
group GUID
|
Table indexes
Index name
|
Index type
|
Fields
|
station_os_devgroups_pkey
|
table primary key
clustering index
|
id, guid
|
Table references
Field name
|
Direction
|
Referenced table field
|
description
|
↔
|
cat_dev_group_descr.id
|
id
|
→
|
stations.id
|
name
|
↔
|
cat_dev_group_name.id
|
station_os_devices
The list of devices on stations.
Table fields
Field name
|
Field type
|
Description
|
id
|
VARCHAR(36) NOT NULL
|
station ID
|
instance
|
INTEGER DEFAULT '0' NOT NULL
|
device instance ID
|
friendly_name
|
INTEGER DEFAULT '0'
|
device friendly name
|
description
|
INTEGER DEFAULT '0'
|
device description
|
capabilities
|
INTEGER DEFAULT '0'
|
device capabilities
|
class
|
INTEGER DEFAULT '0'
|
device class—group GUID
|
Table indexes
Index name
|
Index type
|
Fields
|
station_os_devices_0001
|
simple table index
|
instance
|
station_os_devices_pkey
|
table primary key
clustering index
|
id, instance
|
Table references
Field name
|
Direction
|
Referenced table field
|
class
|
↔
|
cat_device_class.id
|
description
|
↔
|
cat_device_descr.id
|
friendly_name
|
↔
|
cat_dev_friendly_name.id
|
id
|
→
|
stations.id
|
instance
|
↔
|
cat_device_instance.id
|
station_os_groups
Groups of operating system users on stations.
Table fields
Field name
|
Field type
|
Description
|
id
|
VARCHAR(36) NOT NULL
|
station ID
|
name
|
INTEGER DEFAULT '0' NOT NULL
|
group name
|
sid
|
INTEGER DEFAULT '0' NOT NULL
|
group SID
|
comm
|
INTEGER DEFAULT '0'
|
comment
|
Table indexes
Index name
|
Index type
|
Fields
|
station_os_groups_pkey
|
table primary key
clustering index
|
id, sid
|
Table references
Field name
|
Direction
|
Referenced table field
|
comm
|
↔
|
cat_os_group_descr.id
|
id
|
→
|
stations.id
|
name
|
↔
|
cat_os_group_name.id
|
sid
|
↔
|
cat_os_sid.id
|
station_os_users
Operating system users on stations.
Table fields
Field name
|
Field type
|
Description
|
id
|
VARCHAR(36) NOT NULL
|
station ID
|
login
|
INTEGER DEFAULT '0' NOT NULL
|
user login name
|
sid
|
INTEGER DEFAULT '0' NOT NULL
|
user SID
|
full_name
|
INTEGER DEFAULT '0'
|
full name
|
Table indexes
Index name
|
Index type
|
Fields
|
station_os_users_pkey
|
table primary key
clustering index
|
id, sid
|
Table references
Field name
|
Direction
|
Referenced table field
|
full_name
|
↔
|
cat_os_user_name.id
|
id
|
→
|
stations.id
|
login
|
↔
|
cat_os_user_name.id
|
sid
|
↔
|
cat_os_sid.id
|
station_products
Information on products installed on stations.
Table fields
Field name
|
Field type
|
Description
|
id
|
VARCHAR(36) NOT NULL
|
station ID
|
product
|
VARCHAR(64) NOT NULL
|
product name
|
crev
|
NUMERIC(17) DEFAULT '0'
|
current revision
|
nrev
|
NUMERIC(17) DEFAULT '0'
|
new revision
|
pstate
|
VARCHAR(1)
|
product state: S—stable, F—failed, D—delayed
|
modtime
|
NUMERIC(17) DEFAULT '0'
|
record modification time
|
Table indexes
Index name
|
Index type
|
Fields
|
station_products_0001
|
simple table index
|
id
|
station_products_pkey
|
table primary key
clustering index
|
id, product
|
Table references
Field name
|
Direction
|
Referenced table field
|
id
|
→
|
stations.id
|
station_quarantine
The state of the quarantine on stations.
Table fields
Field name
|
Field type
|
Description
|
id
|
VARCHAR(36) NOT NULL
|
station ID
|
object
|
VARCHAR(128) DEFAULT ''
|
file name in quarantine
|
qtime
|
NUMERIC(17) DEFAULT '0'
|
time of moving file to quarantine
|
origname
|
INTEGER DEFAULT '0'
|
original file name
|
hash
|
VARCHAR(64) DEFAULT '0'
|
file hash (SHA-256)
|
len
|
NUMERIC(17) DEFAULT '0'
|
file length
|
mtime
|
NUMERIC(17) DEFAULT '0'
|
file modification time
|
owner
|
INTEGER DEFAULT '0'
|
file owner
|
virusinfo
|
INTEGER DEFAULT '0'
|
threat information, reference to table cat_virusinfo
|
created
|
NUMERIC(17) NOT NULL
|
record creation time
|
sync
|
INTEGER DEFAULT '1'
|
syncronization information
|
component
|
NUMERIC(17) DEFAULT '0'
|
anti-virus component that moved the file
|
Table indexes
Index name
|
Index type
|
Fields
|
station_quarantine_0001
|
simple table index
clustering index
|
id, created
|
Table references
Field name
|
Direction
|
Referenced table field
|
id
|
→
|
stations.id
|
origname
|
↔
|
cat_path.id
|
owner
|
↔
|
cat_users.id
|
virusinfo
|
↔
|
cat_virusinfo.id
|
station_running
Information on anti-virus components running on stations.
Table fields
Field name
|
Field type
|
Description
|
id
|
VARCHAR(36) NOT NULL
|
station ID
|
pid
|
NUMERIC(12) DEFAULT '0'
|
process ID
|
type
|
INTEGER DEFAULT '0'
|
start type (user/agent/etc.)
|
component
|
INTEGER DEFAULT '0'
|
component number
|
username
|
INTEGER DEFAULT '0'
|
user who launched the component
|
params
|
INTEGER DEFAULT '0'
|
process parameters
|
starttime
|
NUMERIC(17) NOT NULL
|
record creation
|
Table indexes
Index name
|
Index type
|
Fields
|
station_running_0001
|
simple table index
clustering index
|
id
|
Table references
Field name
|
Direction
|
Referenced table field
|
id
|
→
|
stations.id
|
params
|
↔
|
cat_run_param.id
|
username
|
↔
|
cat_users.id
|
station_status
Statistics on station status.
Table fields
Field name
|
Field type
|
Description
|
id
|
VARCHAR(36) NOT NULL
|
station ID
|
severity
|
NUMERIC(11) NOT NULL
|
status severity
|
source
|
NUMERIC(11) NOT NULL
|
status source
|
reserved
|
NUMERIC(11) NOT NULL
|
reserved part of status
|
code
|
NUMERIC(15) NOT NULL
|
record code
|
args
|
TEXT DEFAULT ''
|
record arguments
|
createtime
|
NUMERIC(17) NOT NULL
|
record creation
|
Table indexes
Index name
|
Index type
|
Fields
|
station_status_0004
|
simple table index
clustering index
|
id, code
|
station_status_0005
|
simple table index
|
id, severity, source, reserved, code
|
Table references
Field name
|
Direction
|
Referenced table field
|
id
|
→
|
stations.id
|
station_sysinfo
Status of system information collection on stations.
Table fields
Field name
|
Field type
|
Description
|
id
|
VARCHAR(36) NOT NULL
|
station ID
|
name
|
VARCHAR(256) NOT NULL
|
report file name
|
sha256
|
VARCHAR(64) DEFAULT ''
|
report file SHA-256 hash
|
progress
|
INTEGER DEFAULT '0'
|
progress in percents
|
state
|
INTEGER DEFAULT '0'
|
collection state
|
error
|
TEXT DEFAULT ''
|
error message
|
begintime
|
NUMERIC(17) DEFAULT '0'
|
collection begin time
|
endtime
|
NUMERIC(17) DEFAULT '0'
|
collection end time
|
modtime
|
NUMERIC(17) DEFAULT '0'
|
record modification time
|
Table indexes
Index name
|
Index type
|
Fields
|
station_sysinfo_pkey
|
table primary key
clustering index
|
id, name
|
Table references
Field name
|
Direction
|
Referenced table field
|
id
|
→
|
stations.id
|
station_user_logon
The list of OS user sessions on stations.
Table fields
Field name
|
Field type
|
Description
|
id
|
VARCHAR(36) NOT NULL
|
station ID
|
username
|
INTEGER DEFAULT '0'
|
user name
|
logontime
|
NUMERIC(17) DEFAULT '0'
|
user logon time
|
isession
|
INTEGER NOT NULL
|
user session ID
|
proto
|
INTEGER DEFAULT '0'
|
connection protocol (0—local, 2—rdp)
|
address
|
VARCHAR(512) DEFAULT ''
|
network address if user connected remotely
|
sid
|
VARCHAR(256) DEFAULT ''
|
user SID
|
Table indexes
Index name
|
Index type
|
Fields
|
station_user_logon_pkey
|
table primary key
clustering index
|
id, isession
|
Table references
Field name
|
Direction
|
Referenced table field
|
id
|
→
|
stations.id
|
username
|
↔
|
cat_users.id
|
station_vdb
Information on virus databases installed on stations.
Table fields
Field name
|
Field type
|
Description
|
id
|
VARCHAR(36) NOT NULL
|
station ID
|
name
|
INTEGER NOT NULL
|
database file name
|
version
|
NUMERIC(15) DEFAULT '0'
|
version
|
idate
|
NUMERIC(12) DEFAULT '0'
|
issue date
|
viruses
|
NUMERIC(15) DEFAULT '0'
|
number of threat records
|
createtime
|
NUMERIC(17) NOT NULL
|
record creation
|
Table indexes
Index name
|
Index type
|
Fields
|
station_vdb_0001
|
simple table index
clustering index
|
id, name
|
Table references
Field name
|
Direction
|
Referenced table field
|
id
|
→
|
stations.id
|
name
|
↔
|
cat_vdb.id
|
|