For proper operation of Search Anywhere Framework, there are several system search patterns responsible for storing information required by various modules. Manually creating indexes that match these search patterns is not recommended to maintain system stability.
| Name | Stored Information |
|---|
.smos_metrics-* | Results of active metric calculations in the Asset Service Model. |
.smos_risk-* | Results of active Risk Score Calculation actions. |
.smos_mitre-* | Results of active MITRE ATT&CK® Technique Recording actions. |
| Name | Stored Information |
|---|
.smos_incidents* | List of incidents created manually or via the Create Incident active action. |
.sm_incident_aggregation_results* | List of aggregation results. |
| Name | Stored Information |
|---|
.sm_rsm_snapshot* | List of Asset Service Model snapshots during execution. |
| Name | Stored Information |
|---|
.sm_rsm_v2_calculated_metrics* | Metric calculations. |
.sm_rsm_v2_calculated_metric_entities* | Object metric calculations. |
.sm_rsm_v2_calculated_service_health* | Service health calculations. |
| Name | Stored Information |
|---|
.sm_uba_policies_statistics* | UBA policy execution statistics. |
.sm_uba_objects_statistics* | UBA object execution statistics. |
.sm_uba_objects_scoring* | List of scoring objects. |
| Name | Stored Information |
|---|
.sm_inv_history_changes* | Change history list. |
.sm_inv_statistics* | Asset calculation module execution statistics. |