Format-S1DvEvent

SYNOPSIS

Format SentinelOne Deep Visibility event data based on object type.

SYNTAX

Format-S1DvEvent [[-InputObject] <Object>] [<CommonParameters>]

DESCRIPTION

This function formats SentinelOne Deep Visibility event data by selecting relevant properties based on the event's object type. It supports various object types such as "command_script", "ip", "dns", "file", "scheduled_task", "indicators", "process", and "registry". The function ensures that only the relevant properties for the specified object type are included in the output.
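The selection-by-object-type behaviour described above, sketched as an added example that is not the module's own code. The function name Select-DvEventProperty, the objectType field, and every property name in the maps are assumptions made for illustration, and the events are constructed samples.

```powershell
# Hypothetical helper: keep a common set of columns plus the columns that
# matter for the event's object type. Field names are assumed, not the
# module's actual schema.
function Select-DvEventProperty {
    [CmdletBinding()]
    param(
        [Parameter(ValueFromPipeline)]
        [object]$InputObject
    )
    begin {
        $common = 'eventTime', 'endpointName', 'objectType', 'srcProcName'
        $byType = @{
            ip       = 'dstIp', 'dstPort'
            dns      = 'dnsRequest', 'dnsResponse'
            file     = 'tgtFilePath', 'tgtFileSha1'
            process  = 'tgtProcName', 'tgtProcCmdLine'
            registry = 'registryKeyPath', 'registryValue'
        }
    }
    process {
        if ($null -eq $InputObject) { return }
        $type = [string]$InputObject.objectType
        if ($byType.ContainsKey($type)) {
            $InputObject | Select-Object -Property ($common + $byType[$type])
        }
        else {
            # Unmapped type: pass the event through unchanged so no field
            # is dropped silently during triage.
            Write-Verbose "No property map for object type '$type'"
            $InputObject
        }
    }
}

# Constructed sample events (not real telemetry)
$sampleEvents = @(
    [pscustomobject]@{ eventTime = '2024-01-01T10:00:00Z'; endpointName = 'WS01'; objectType = 'dns'
        srcProcName = 'powershell.exe'; dnsRequest = 'example.test'; dnsResponse = '192.0.2.10'; tgtFilePath = $null }
    [pscustomobject]@{ eventTime = '2024-01-01T10:00:05Z'; endpointName = 'WS01'; objectType = 'file'
        srcProcName = 'powershell.exe'; tgtFilePath = 'C:\Temp\sample.txt'; tgtFileSha1 = '<constructed>'; dnsRequest = $null }
    [pscustomobject]@{ eventTime = '2024-01-01T10:00:09Z'; endpointName = 'WS01'; objectType = 'url'
        srcProcName = 'powershell.exe'; url = 'https://example.test/' }
)

# The dns and file events come back trimmed; the unmapped 'url' event is unchanged.
$sampleEvents | Select-DvEventProperty -Verbose | Format-List
```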

EXAMPLES

EXAMPLE 1

Format-S1DvEvent -InputObject $Event

Formats the Deep Visibility event data for the specified event object.

EXAMPLE 2

Get-S1DvEvent | Format-S1DvEvent

Formats the Deep Visibility event data for each event object in the pipeline.

PARAMETERS

-InputObject

The Deep Visibility event object to be formatted.

Type: Object
Parameter Sets: (All)
Aliases:

Required: False
Position: 1
Default value: None
Accept pipeline input: True (ByValue)
Accept wildcard characters: False

CommonParameters

This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.

INPUTS

OUTPUTS

NOTES