CYBER_SCAN_DETECTED¶
This event is generated when an attempted cyber scan is detected by the victim.
Format¶
<time> _CYBER_SCAN_DETECTED <attacker> <victim> Attack_Type: <attack_type> \
Reason: <reason> Scan_Detection: Threshold: <detect_threshold> Draw: <detect_draw>
Breakdown¶
- <time>
Simulation time of the event
- _CYBER_SCAN_DETECTED
Name of event
- <attacker>
Name of the attacking platform
- <victim>
Name of the victim platform
- <attack_type>
Name of the cyber_attack type.
- <reason>
Reason for the failure of the scan. This will be
blocked_by_scan
blocked_by_immunity
random_draw
- <detect_threshold>
The probability threshold for attack success (valid only if <reason> is random_draw).
- <detect_draw>
The current random draw. (valid only if <reason> is random_draw)
How it Appears in Output¶
How to Show Event Messages¶
event_output file replay.evt # write event messages to file "replay.evt" enable _CYBER_SCAN_DETECTED end_event_output
