| badgepoint-physical-badge-access-1 |
badgepoint-b-kv-physical-location-access-readerid |
| barracuda-accounting-login |
barracuda-firewall-kv-vpn-login-success-accountinglogin |
| barracuda-accounting-logout |
barracuda-firewall-kv-vpn-logout-success-session |
| barracuda-dlp-email-alert-out |
barracuda-esg-json-dlp-email-send-success |
| barracuda-dlp-email-alert-out-1 |
barracuda-esg-json-dlp-email-send-success-1 |
| barracuda-dlp-email-alert-out-failed |
barracuda-esg-json-dlp-email-send-fail |
| barracuda-email |
barracuda-esg-cef-email-receive-barracudanetworks |
| barracuda-failed-logon |
barracuda-firewall-str-endpoint-login-fail-denied |
| barracuda-failed-vpn-login |
barracuda-firewall-str-vpn-login-fail-authfail |
| barracuda-firewall-network-connection |
barracuda-firewall-str-network-traffic-firewallactivity |
| barracuda-firewall-network-connection-1 |
barracuda-firewall-kv-network-traffic-networktraffic |
| barracuda-login-peer |
barracuda-firewall-kv-vpn-login-success-peerlogin |
| barracuda-logout |
barracuda-firewall-str-app-logout-success-closed |
| barracuda-logout-peer |
barracuda-firewall-kv-vpn-logout-success-peer |
| barracuda-network-info-1 |
barracuda-firewall-str-alert-trigger-insertevent |
| barracuda-network-info-2 |
barracuda-firewall-str-app-notification-success-4004 |
| barracuda-network-info-3 |
barracuda-firewall-str-app-notification-success-4006 |
| barracuda-network-info-4 |
barracuda-firewall-str-app-notification-success-4024 |
| barracuda-network-info-5 |
barracuda-firewall-str-app-notification-success-4008 |
| barracuda-network-info-6 |
barracuda-firewall-str-app-notification-success-4016 |
| barracuda-remote-logon |
barracuda-firewall-str-endpoint-login-allowed |
| barracuda-vpn-auth-attempt |
barracuda-firewall-str-app-authentication-success-requestfromuser |
| barracuda-vpn-auth-attempt-1 |
barracuda-firewall-str-app-authentication-success-preauthentication |
| barracuda-vpn-auth-attempt-2 |
barracuda-firewall-str-app-authentication-success-authrequest |
| barracuda-vpn-auth-attempt-3 |
barracuda-firewall-str-app-authentication-success-authlogin |
| barracuda-vpn-login |
barracuda-firewall-str-vpn-login-success-authsucceeded |
| barracuda-web-activity |
barracuda-waf-str-http-request-success-tr |
| barracuda-web-activity-1 |
barracuda-waf-str-http-request-success-valid |
| barracuda-web-activity-2 |
barracuda-waf-str-http-request-success-profiledvalid |
| barracuda-web-activity-3 |
barracuda-waf-str-http-request-success-protectedvalid |
| barracuda-web-activity-4 |
barracuda-waf-str-http-request-success-unproctectedvalid |
| barracuda-web-activity-5 |
barracuda-waf-str-http-request-success-defaultunprotectedvalid |
| barracuda-web-activity-6 |
barracuda-waf-str-http-request-success-passivevalid |
| barracuda-web-activity-7 |
barracuda-waf-str-http-request-success-serverdefaultpassivevalid |
| bastion-failed-logon |
amazon-awabastion-str-endpoint-login-fail-accessdeniedtoidqsadsgui |
| bastion-remote-logon |
amazon-awabastion-str-endpoint-login-success-logon |
| beyond-account-add |
beyondtrust-bi-json-user-create-success-add |
| beyond-account-delete |
beyondtrust-bi-json-user-delete-success-delete |
| beyond-account-retrieve |
beyondtrust-bi-json-user-privilege-use-switch-success-retrieve |
| beyond-account-unlock |
beyondtrust-bi-json-user-unlock-success-unlock |
| beyond-activity-approve |
beyondtrust-bi-json-app-activity-success-approve |
| beyond-activity-cancel |
beyondtrust-bi-json-app-activity-success-cancel |
| beyond-activity-deny |
beyondtrust-bi-json-app-activity-success-deny |
| beyond-activity-expire |
beyondtrust-bi-json-app-activity-success-expire |
| beyond-activity-update |
beyondtrust-bi-json-app-activity-success-update |
| beyondtrust-account-add |
beyondtrust-bi-cef-user-create-success-add |
| beyondtrust-app-activity |
beyondtrust-sra-kv-app-activity-success-connectionterminated |
| beyondtrust-app-activity-1 |
beyondtrust-b-kv-endpoint-login-success-loggedin |
| beyondtrust-app-activity-2 |
beyondtrust-sra-cef-app-activity-success-read |
| beyondtrust-app-activity-3 |
beyondtrust-sra-cef-app-activity-success-add |
| beyondtrust-app-activity-4 |
beyondtrust-sra-cef-app-activity-success-edit |
| beyondtrust-app-activity-5 |
beyondtrust-sra-cef-app-activity-success-schedule |
| beyondtrust-app-activity-6 |
beyondtrust-bi-cef-app-activity-success-approve |
| beyondtrust-app-activity-7 |
beyondtrust-bi-cef-app-activity-success-appauditadd |
| beyondtrust-app-activity-8 |
beyondtrust-bi-cef-app-activity-success-appauditdelete |
| beyondtrust-app-login |
beyondtrust-sra-kv-app-login-success-event |
| beyondtrust-auth-attempt |
beyondtrust-sra-kv-endpoint-login-success-challenge |
| beyondtrust-failed-app-login |
beyondtrust-sra-kv-app-login-fail-status |
| beyondtrust-passwordsafe |
beyondtrust-passwordsafe-kv-user-passwordretrieve |
| beyondtrust-passwordsafe-app-activity |
beyondtrust-passwordsafe-json-app-activity-success-read |
| beyondtrust-passwordsafe-app-activity-1 |
beyondtrust-passwordsafe-json-user-password-reset-success-passwordreset |
| beyondtrust-passwordsafe-app-login |
beyondtrust-passwordsafe-json-app-login-success-beyondinsight |
| beyondtrust-passwordsafe-app-login-1 |
beyondtrust-passwordsafe-json-app-login-success-applogin |
| beyondtrust-passwordsafe-failed-app-login |
beyondtrust-passwordsafe-json-app-login-fail-loginfailure |
| beyondtrust-passwordsafe-logout |
beyondtrust-passwordsafe-json-app-logout-success-logout |
| beyondtrust-pi-account-password-change |
beyondtrust-prividentity-json-user-password-modify-success-2023 |
| beyondtrust-pi-account-password-change-1 |
beyondtrust-prividentity-kv-user-password-modify-success-sharedcredentiallisteditedaccount |
| beyondtrust-pi-account-switch |
beyondtrust-prividentity-kv-user-switch-success-passwordcheckedout |
| beyondtrust-pi-app-activity |
"beyondtrust-prividentity-xml-app-activity-success-identity |
| beyondtrust-pi-app-activity-10 |
beyondtrust-prividentity-kv-app-activity-success-sharedcredentiallistaddedaccount |
| beyondtrust-pi-app-activity-4 |
beyondtrust-prividentity-kv-app-activity-success-webapppasswordcheckin |
| beyondtrust-pi-app-activity-5 |
beyondtrust-prividentity-kv-app-activity-success-passwordcheckedin |
| beyondtrust-pi-app-activity-6 |
beyondtrust-prividentity-kv-app-activity-success-passwordchangeonsystem |
| beyondtrust-pi-app-activity-8 |
beyondtrust-prividentity-kv-app-activity-success-passwordcheckoutexpired |
| beyondtrust-pi-app-activity-9 |
beyondtrust-prividentity-kv-app-activity-success-sharedcredentiallistremovedaccount |
| beyondtrust-pi-app-login |
beyondtrust-prividentity-cef-app-login-privilegedidentity |
| beyondtrust-pi-app-logout |
beyondtrust-prividentity-cef-app-logout-success-webapplogout |
| beyondtrust-pi-app-system-info |
beyondtrust-prividentity-cef-app-activity-eventid |
| beyondtrust-pi-logout |
beyondtrust-prividentity-kv-app-logout-3020 |
| beyondtrust-pi-password-access |
beyondtrust-prividentity-cef-app-activity-success-idpassword |
| beyondtrust-pi-privilege-access |
beyondtrust-prividentity-kv-user-privilege-use-success-2038 |
| beyondtrust-pi-privileged-access |
beyondtrust-prividentity-kv-user-privilege-modify-success-jobaccountelevated |
| beyondtrust-pi-privileged-access-1 |
beyondtrust-prividentity-kv-user-privilege-modify-success-jobaccountelevationdeelevated |
| beyondtrust-privileged-access |
beyondtrust-powerbroker-kv-user-privilege-use-success-elevation |
| beyondtrust-privileged-access-1 |
beyondtrust-b-kv-user-privilege-assign-success-secureremoteaccess |
| beyondtrust-privileged-access-2 |
beyondtrust-b-json-user-privilege-assign-success-28691 |
| beyondtrust-privileged-access-3 |
beyondtrust-b-json-user-privilege-assign-success-28693 |
| beyondtrust-process-created |
beyondtrust-powerbroker-json-process-create-success-28692 |
| bind-dns-query |
unix-unixnamed-str-dns-request-success-client |
| bind-dns-query-1 |
unix-unixnamed-json-dns-request-denied |
| bind-dns-query-2 |
unix-unixnamed-str-dns-request-success-client-1 |
| bind-dns-query-3 |
unix-binddns-str-dns-request-success-query |
| bind-dns-query-4 |
unix-unixnamed-str-dns-request-success-rpz |
| bind-dns-response-1 |
unix-unixnamed-json-dns-response-success |
| bind-system-info-1 |
unix-unixnamed-json-app-notification-novalidrrsig |
| bind-system-info-2 |
unix-unixnamed-json-app-notification-insecurity |
| bind-system-info-3 |
unix-unixnamed-json-app-notification-unreachable |
| bind-system-info-4 |
unix-unixnamed-json-app-notification-dsresolving |
| bitglass-app-login |
bitglass-casb-mix-app-login-success-allowlogin |
| bitglass-app-login-failed |
bitglass-casb-mix-app-login-fail-loginfailure |
| bitglass-dlp-email-alert-out |
bitglass-casb-json-email-send-success-emailsend |
| bitglass-failed-login |
bitglass-casb-kv-app-login-fail-login |
| bitglass-file-download |
bitglass-casb-kv-file-download-success-cloudstorage |
| bitglass-file-download-1 |
bitglass-casb-kv-file-download-success-downloaded |
| bitglass-file-read |
bitglass-casb-json-file-read-success-download |
| bitglass-file-write |
bitglass-casb-json-file-write-success-uploaded |
| bluecat-networks-dhcp |
bluecatnetworks-bnetworks-kv-dhcp-session-success-dhcpd |
| bluecoat-proxy-1 |
symantec-bcpa-mix-http-session-observed |
| bluecoat-proxy-10 |
symantec-bcpa-cef-http-session-security |
| bluecoat-proxy-11 |
symantec-bcpa-str-network-traffic-fail-tcp |
| bluecoat-proxy-12 |
symantec-bcpa-str-http-session-observedtcp |
| bluecoat-proxy-13 |
symantec-bcpa-mix-http-session-get |
| bluecoat-proxy-14 |
symantec-bcpa-str-network-traffic-fail-ssl |
| bluecoat-proxy-15 |
symantec-bcpa-str-http-session-failed |
| bluecoat-proxy-2 |
symantec-bcpa-str-http-session-httpproxied |
| bluecoat-proxy-3 |
symantec-bcpa-mix-http-session-deniedtcp |
| bluecoat-proxy-4 |
symantec-bcpa-str-http-session-observedssl |
| bluecoat-proxy-5 |
symantec-bcpa-csv-space-delimited-http-session-proxied |
| bluecoat-proxy-6 |
symantec-bcpa-csv-http-session-tunneled |
| bluecoat-proxy-7 |
symantec-bcpa-mix-http-session-connect |
| bluecoat-proxy-8 |
symantec-bcpa-mix-http-session-proxied |
| bluecoat-proxy-9 |
symantec-bcpa-mix-http-session-ssldenied |
| bluecoat-proxy-v2 |
symantec-wss-kv-http-session-filter |
| bluecoat-proxy-v3 |
symantec-wss-kv-http-session-cshost |
| bluecoat-proxy-v4 |
symantec-wss-str-http-session-logstashproxysgserver |
| bluecoat-proxy-v5 |
symantec-wss-str-http-session-proxysgclient |
| bluecoat-proxy-v6 |
symantec-bcpa-kv-http-session-connect |
| bluecoat-proxy-v7 |
symantec-bcpa-kv-http-session-get |
| bluecoat-web-activity |
symantec-wss-json-http-session-queryresponse |
| box-activity |
box-ccm-kv-file-operation |
| box-activity-1 |
box-ccm-csv-file-read-success-preview |
| box-activity-2 |
box-ccm-csv-file-download-success-download |
| box-skyformation-file-activity |
box-ccm-cef-file-success-box |
| brivo-badge-access |
brivo-b-json-physical-location-access-sitename |
| bro-captureloss |
zeek-z-str-app-notification-captureloss |
| bro-conn |
zeek-z-str-network-traffic-connlog |
| bro-dce_rpc |
zeek-z-str-endpoint-login-success-dcerpclog |
| bro-dhcp |
zeek-z-str-dhcp-traffic-success-dhcp |
| bro-dhcp-1 |
zeek-z-json-endpoint-login-success-ipassign |
| bro-dhcp-activity-2 |
zeek-z-json-endpoint-login-success-protocol |
| bro-dns |
zeek-z-str-dns-response-success-dnslog |
| bro-dns-query |
zeek-z-json-dns-request-success-dnsred |
| bro-dns-response |
zeek-z-json-dns-response-success-rcode |
| bro-dns-response-1 |
zeek-z-json-dns-response-success-dnsred |
| bro-dns-response-2 |
zeek-z-kv-dns-response-success-dnsresponse |
| bro-dpd |
zeek-z-str-app-notifiction-dpd |
| bro-files |
zeek-z-str-file-read-success-fileslog |
| bro-files-analysis |
zeek-z-json-file-read-success-fuid |
| bro-ftp |
zeek-z-str-ftp-traffic-ftp |
| bro-ftp-1 |
zeek-z-json-app-activity-success-resph |
| bro-ftp-activity-2 |
zeek-z-json-app-activity-success-protocol |
| bro-ftp-app-activity |
zeek-z-str-app-activity-success-ftpappactivity |
| bro-http-web-activity-2 |
zeek-z-json-http-session-fileset |
| bro-httpeth0 |
zeek-z-str-http-session-httpeth0log |
| bro-kerberos |
zeek-z-str-endpoint-login-kerberoslog |
| bro-kerberos-1 |
zeek-z-json-endpoint-login-id |
| bro-knownhosts |
zeek-z-str-app-activity-success-hosts |
| bro-knownservices |
zeek-z-str-network-notification-services |
| bro-mysql |
zeek-z-kv-database-query-success-tquery |
| bro-mysql-1 |
zeek-z-str-database-login-success-tlogin |
| bro-mysql-2 |
zeek-z-json-database-activity-mysql |
| bro-network |
zeek-z-str-network-traffic-empty |
| bro-network-alert |
zeek-z-json-alert-trigger-success-weirdred |
| bro-network-connection |
zeek-z-json-network-traffic-success-connstate |
| bro-network-connection-1 |
zeek-z-json-network-traffic-success-ageofconn |
| bro-notice |
zeek-z-str-alert-trigger-notice |
| bro-ntlm |
zeek-z-str-endpoint-login-ntlmlog |
| bro-ntlm-1 |
zeek-z-json-endpoint-login-id-1 |
| bro-radius |
zeek-z-json-radius-traffic-id |
| bro-radius-1 |
zeek-z-json-endpoint-login-framefail |
| bro-rdp-remote-logon-1 |
zeek-z-str-endpoint-login-success-3389 |
| bro-rdp-remote-logon-2 |
zeek-z-str-endpoint-login-3389 |
| bro-rdp-remote-logon-3 |
zeek-z-json-rdp-traffic-success-id |
| bro-remote-logon-2 |
zeek-z-json-endpoint-login-rdp |
| bro-share-access |
zeek-z-json-share-access-success-action |
| bro-share-access-2 |
zeek-z-str-share-access-success-445 |
| bro-smb-files |
zeek-z-json-file-success-sbmfiles |
| bro-smb_mapping |
zeek-z-str-share-access-success-445-1 |
| bro-smb_mapping-1 |
zeek-z-json-share-access-success-smbmapping |
| bro-smb_mapping-2 |
zeek-z-json-share-access-success-sharetype |
| bro-smtp |
zeek-z-str-email-success-smtplog |
| bro-smtp-1 |
zeek-z-json-email-send-receive-rcptto |
| bro-smtp-activity-2 |
zeek-z-json-email-send-success-smtp |
| bro-software |
zeek-z-kv-network-notification-software |
| bro-ssh |
zeek-z-str-ssh-traffic-success-sshlog |
| bro-ssh-1 |
zeek-z-json-ssh-endpoint-ssh |
| bro-ssh-2 |
zeek-z-json-endpoint-login-fail-ssh |
| bro-ssl |
zeek-z-str-network-traffic-ssl |
| bro-ssl-1 |
zeek-z-json-endpoint-authentication-ssl |
| bro-ssl-activity-2 |
zeek-z-json-endpoint-authentication-established |
| bro-stats |
zeek-zeek-str-network-session-statslog |
| bro-syslog |
zeek-zeek-str-network-traffic-syslog |
| bro-tunnel |
zeek-zeek-str-network-traffic-tunnellog |
| bro-tunnel-1 |
zeek-z-json-network-traffic-tunnel |
| bro-web-activity |
zeek-z-json-http-session-hoststatus |
| bro-weird |
zeek-z-str-network-traffic-weird |
| bro-x509 |
zeek-z-str-network-notification-x509 |