CYBER_ATTACK_FAILED¶
This event is generated when an attempted cyber attack failed.
Format¶
<time> _CYBER_ATTACK_FAILED <attacker> <victim> Attack_Type: <attack_type> \
Reason: <reason> Success: Threshold: <success_threshold> Draw: <success_draw>
Report: Status: <report_status> Threshold: <report_threshold> Draw: <report_draw>
Breakdown¶
- <time>
Simulation time of the event
- _CYBER_ATTACK_FAILED
Name of event
- <attacker>
Name of the attacking platform
- <victim>
Name of the victim platform
- <attack_type>
Name of the cyber_attack type.
- <reason>
Reason for the failure of the attack. This will be
random_draw
blocked_by_immunity
blocked_by_scan
blocked_by_vulnerability
- <success_threshold>
The probability threshold for attack success (valid only if <reason> is random_draw).
- <success_draw>
The current random draw. (valid only if <reason> is random_draw)
- <report_status>
If the <reason> was random_draw then this will be ‘Succeeded’ if a status report was provided to the attacker or ‘Failed’ if not. If <reason> was not random_draw then this will be ‘Unknown’.
- <report_threshold>
The probability threshold for status report. (valid only if <reason> is random_draw)
- <report_draw>
The random draw for status report. (valid only if <reason> is random_draw)
How it Appears in Output¶
How to Show Event Messages¶
event_output file replay.evt # write event messages to file "replay.evt" enable _CYBER_ATTACK_FAILED end_event_output
