Detection information
The information that Arc detects. The table shows two types of Category: network and asset. When the Category is listed as network, it means that the detection is based on information that has been extracted from the network. When the Category is listed as asset, it means that the detection is based on information that has been extracted from the asset.
| Category | Information | Windows  |
macOS  |
Linux  |
Configuration option |
|---|---|---|---|---|---|
| sensor | Traffic monitoring | 
|
|
|
Traffic monitoring |
| sensor | Discovery |
|
|
|
Discovery |
| sensor | Smart Polling |
|
|
|
Smart Polling |
| endpoint | media access control (MAC) addresses |
|
|
|
always on |
| endpoint | internet protocol (IP) addresses |
|
|
|
always on |
| endpoint | Product name |
|
|
|
always on |
| endpoint | Vendor |
|
|
|
always on |
| endpoint | Label/host name |
|
|
|
always on |
| endpoint | operating system (OS) |
|
|
|
always on |
| endpoint | Serial number |
|
|
|
always on |
| endpoint | Hardware components |
|
|
always on | |
| endpoint | Local address resolution protocol (ARP) table |
|
|
|
Local ARP table |
| endpoint | Sigma rules |
|
Sigma rules | ||
| endpoint | universal serial bus (USB) detections |
|
USB detections | ||
| endpoint | central processing unit (CPU) usage |
|
|
|
node points |
| endpoint | Memory usage |
|
|
|
node points |
| endpoint | Disk usage |
|
|
|
node points |
| endpoint | Installed software |
|
|
node points | |
| endpoint | Hotfixes |
|
node points | ||
| endpoint | Antivirus |
|
node points | ||
| endpoint | Log4j detection |
|
|
|
node points |
| endpoint | User accounts |
|
|
|
node points |
| endpoint | Logged in users |
|
|
|
node points |
| endpoint | USB interfaces |
|
node points | ||
| endpoint | Network interfaces |
|
|
|
node points |
| endpoint | Processes and ports |
|
|
|
node points |
| endpoint | Disk partitions |
|
|
|
node points |
| endpoint | domain name server (DNS) |
|
|
|
node points |
| endpoint | CPU |
|
|
|
node points |