| Name | Description | |
|---|---|---|
 | Abstract | Get a small summery of the penetration detected |
| AccessProtocol | |
| AddressFamily | The AddressFamily used. |
| CloseConnection | Gets a value indicating whether the connection was closed. |
| CommunicationLog | contains the data that was send by the remote phishing request |
| Communications | number of times we have received data from the IP and Port |
| DataOwner | The data owner that owns the entry |
| DnsEntry | Gets the DNS entry at the time of the recording. |
| FirstDetectedOn | first detection made |
| GuardResponse | Gets the guard response type send to the user. |
| LastDetection | Last time the port was accessed by the IP address |
| LocalAddress | The local IP address that was connected to in the detection. |
| PayloadInfo | Gets the payload information if a offensive response. |
| PortMapper | The port mapper configuration |
| ProtocolType | protocols that the was used when sending the data; |
| RawStream | A base 64 string containing the data that was send to the honeypot |
| RemoteAddress | Represents a network endpoint as an IP address and a port number that triggered the detection. |
| RemoteCIDR | Gets the remote cidr. |
| RemotePort | The remote port as communicated by the socket connection |
| ReportingUri | Uniform Resource identified providing a reporting endpoint for the resource being monitored |
| SocketType | type of socket that was used |
| Triggered | Indicates what type of attempt was detected |
| Ttl | The hackers Time To Live (TTL) value that was used |
| UniqueIdentifier | Gets the unique identifier. |
| UserID | Gets the user ID mapped to the incident. |