Cisco AMP DSM specifications

The following table describes the specifications for the Cisco AMP DSM.

Table 1. Cisco AMP DSM specifications
| Specification | Value |
| --- | --- |
| Manufacturer | Cisco |
| DSM | Cisco AMP |
| RPM name | DSM-CiscoAMP-QRadar_version-Build_number.noarch.rpm |
| Supported versions | N/A |
| Protocol | RabbitMQ |
| Event format | Cisco AMP |
| Recorded event types | All security events. For a detailed list of supported events, go to the Cisco AMP for Endpoints API documentation (https://api-docs.amp.cisco.com/api_actions/details?api_action=GET+%2Fv1%2Fevent_types&api_host=api.amp.cisco.com&api_resource=Event+Type&api_version=v1). Note: Network traffic is supported only for Data Flow Control (DCF) events. |
| Automatically discovered? | No |
| Includes identity? | No |
| Includes custom properties? | No |
| More information | Cisco website (https://api-docs.amp.cisco.com/) |