Aurora Focus sensors
The following sensors are enabled by default in the Aurora Focus agent when you turn on Aurora Focus in a device policy. You cannot disable these sensors. For more information about the optional sensors that you can enable, see Aurora Focus optional sensors.
For more information about the events, artifacts, and event types associated with both the default and optional sensors, see Data structures that Aurora Focus uses to identify threats.
|
Sensor |
Platform |
Description |
Event types |
|---|---|---|---|
|
Device |
macOS Linux |
Collects relevant device information |
Mount |
|
File |
Windows macOS Linux |
Collects information about file operations |
|
|
Memory |
macOS Linux |
Collects information about memory operations |
|
|
Network |
Windows macOS Linux |
Collects information about network connections |
Connect |
|
Process |
Windows macOS Linux |
Collects information about process operations |
Supported event types differ by platform. See the Process section of Data structures that Aurora Focus uses to identify threats.
|
|
Registry |
Windows |
Collects information about registry operations |
|