What Entity types do we support?

0: "SourceHostName"
1: "SourceAddress"
2: "SourceUserName"
3: "SourceProcessName"
4: "SourceMacAddress"
5: "DestinationHostName"
6: "DestinationAddress"
7: "DestinationUserName"
8: "DestinationProcessName"
9: "DestinationMacAddress"
10: "DestinationURL"
11: "Process"
12: "FileName"
13: "FileHash"
14: "EmailSubject"
15: "ThreatSignature"
16: "USB"
17: "Deployment"
18: "CreditCard"
19: "PhoneNumber"
20: "CVE"
21: "ThreatActor"
22: "ThreatCampaign"
23: "GenericEntity"
24: "ParentProcess"
25: "ParentHash"
26: "ChildProcess"
27: "ChildHash"
28: "SourceDomain"
29: "DestinationDomain"
30: "IPSET"
31: "Cluster"
32: "Application"
33: "Database"
34: "Pod"
35: "Container"
36: "Service"

Need more help? Get answers from Community members and Google SecOps professionals.