We will maintain the original CDM UUIDs for alarms on Theia data coming out of those two detectors: "ProcessesWithNetworkActivity" and "FilesTouchedByProcesses". We'll send all alarms produced by those two detectors to the Theia system, and we'll create a URL included in those alarms, as we discussed previously. That URL will point to the Theia server, and include alarm information (e.g. like an alarm ID) which the Theia team can use to look up the possible future results of their deeper provenance analysis (if it is available).
We will maintain the original CDM UUIDs for alarms on Theia data coming out of those two detectors: "ProcessesWithNetworkActivity" and "FilesTouchedByProcesses". We'll send all alarms produced by those two detectors to the Theia system, and we'll create a URL included in those alarms, as we discussed previously. That URL will point to the Theia server, and include alarm information (e.g. like an alarm ID) which the Theia team can use to look up the possible future results of their deeper provenance analysis (if it is available).
Ryan's email thread: https://mail.google.com/mail/u/0/#inbox/QgrcJHsTkxvVKjXCVjmkfFHQDVqDCbdFdLl