| l-4673 |
"microsoft-evsecurity-xml-user-privilege-assign-success-4673 |
| l-4674 |
microsoft-evsecurity-cef-user-privilege-use-success-4674-1 |
| l-4688-v2 |
"microsoft-evsecurity-xml-process-create-success-4688-1 |
| l-4720 |
"microsoft-evsecurity-xml-user-create-success-4720-1 |
| l-4722 |
"microsoft-evsecurity-xml-user-enable-success-4722 |
| l-4723 |
microsoft-evsecurity-str-user-password-modify-4723-1 |
| l-4724 |
microsoft-evsecurity-str-user-password-reset-success-4724 |
| l-4725 |
microsoft-evsecurity-json-user-disable-success-4725 |
| l-4740 |
"microsoft-evsecurity-xml-user-lock-success-4740-1 |
| l-4767 |
"microsoft-evsecurity-xml-user-unlock-success-4767-1 |
| l-aruba-failed-nac-logon |
hp-arubacpm-kv-endpoint-authentication-fail-authfailed |
| l-aruba-nac-logon |
hp-arubacpm-kv-endpoint-login-success-authsuccessfull |
| l-ironport-dlp-email-alert |
cisco-ie-kv-email-alert |
| l-ironport-dlp-email-attachment |
cisco-ie-kv-email-attachment |
| l-ironport-dlp-email-host |
cisco-ie-kv-email-response |
| l-ironport-email-outcome |
cisco-ie-csv-email-outcome |
| l-lenel-badge-access |
lenel-og-json-physical-location-access-success-accessgranted |
| l-lenel-badge-access-1 |
lenel-og-json-physical-location-access-fail-accessdenied |
| l-member-added-2008 |
"microsoft-evsecurity-xml-group-member-add-success-47 |
| l-network-connection |
logrhythm-l-csv-network-session-logrhythmdpi |
| l-oracle-db-logout |
oracle-db-kv-database-logout-success-dbuser |
| l-pan-file-alert |
pan-ngfw-csv-alert-trigger-success-file |
| l-pan-scan-alert |
pan-ngfw-csv-alert-trigger-success-scan |
| l-pan-vulnerability-alert |
pan-ngfw-mix-alert-trigger-success-threadvulnerability |
| l-pan-vulnerability-alert-1 |
pan-ngfw-json-alert-trigger-success-vulnerability |
| l-sysmon-file-create |
"microsoft-sysmon-xml-file-write-success-11-1 |
| l-sysmon-process-created |
"microsoft-sysmon-xml-process-create-success-1 |
| lastline-security-alert-1 |
vmware-nsxatp-cef-alert-trigger-success-lastline |
| lastline-security-alert-2 |
vmware-nsxatp-cef-alert-trigger-success-emailattachment |
| lastline-security-alert-3 |
vmware-nsxatp-cef-alert-trigger-success-signaturematch |
| lastpass-account-creation |
lastpass-l-json-user-create-success-createdaccount |
| lastpass-account-password-change |
lastpass-l-json-user-password-modify-success-passwordchanged |
| lastpass-app-activity |
lastpass-l-sk4-app-activity-success-report |
| lastpass-app-activity-1 |
lastpass-l-json-app-activity-success-eventreporting |
| lastpass-app-login |
lastpass-l-sk4-app-login-success-actionlogin |
| lastpass-app-login-1 |
lastpass-l-sk4-app-login-success-adminconsole |
| lastpass-app-login-2 |
lastpass-l-json-app-login-success-eventreporting |
| lastpass-app-login-failed |
lastpass-l-cef-app-login-fail-failedloginattempt |
| lastpass-app-login-failed-1 |
lastpass-l-json-app-login-fail-failedloginattempt |
| ldap-auth-attempt |
sunone-s-kv-endpoint-authentication-bind-1 |
| leap-access |
leap-l-csv-app-activity-success-leapaccess |
| leap-app-activity |
leap-l-str-app-activity-success-leapaccess |
| leap-app-activity-1 |
leap-l-str-app-activity-success-leapaudit |
| leap-app-activity-2 |
leap-l-csv-app-activity-success-tuaccess |
| leap-app-activity-3 |
leap-l-csv-app-activity-success-tuaudit |
| leap-audit |
leap-l-csv-app-activity-success-leapaudit |
| leef-appsense-process-alert |
appsense-am-leef-alert-trigger-success-appsenseapplicationmanager |
| leef-aruba-app-login |
hp-arubacpm-leef-app-login-success-loggedin |
| leef-aruba-nac-logon |
hp-arubacpm-mix-radius-traffic-clearpass |
| leef-beyondtrust-account-password-change-failed |
beyondtrust-bi-leef-user-password-modify-fail-changecancelled |
| leef-beyondtrust-account-password-change-failed-1 |
beyondtrust-bi-leef-user-password-modify-fail-changefailed |
| leef-beyondtrust-app-activity |
beyondtrust-bi-leef-app-activity-success-system |
| leef-beyondtrust-app-activity-1 |
beyondtrust-bi-leef-app-activity-success-turnedoff |
| leef-beyondtrust-app-activity-10 |
beyondtrust-bi-leef-app-activity-success-managed |
| leef-beyondtrust-app-activity-2 |
beyondtrust-bi-leef-app-activity-success-passwordreset |
| leef-beyondtrust-app-activity-3 |
beyondtrust-bi-leef-app-activity-success-releasepasswordreset |
| leef-beyondtrust-app-activity-4 |
beyondtrust-bi-leef-app-activity-success-passwordexpired |
| leef-beyondtrust-app-activity-5 |
beyondtrust-bi-leef-app-activity-success-updated |
| leef-beyondtrust-app-activity-6 |
beyondtrust-bi-leef-app-activity-success-mismatch |
| leef-beyondtrust-app-activity-7 |
beyondtrust-bi-leef-app-activity-success-thesystem |
| leef-beyondtrust-app-activity-8 |
beyondtrust-bi-leef-app-activity-success-passwordchange |
| leef-beyondtrust-app-activity-9 |
beyondtrust-bi-leef-app-activity-success-managedaccount |
| leef-beyondtrust-app-login |
beyondtrust-bi-leef-app-login-success-login |
| leef-beyondtrust-app-login-1 |
beyondtrust-bi-leef-app-login-success-pmmlogin |
| leef-beyondtrust-failed-app-login |
beyondtrust-bi-leef-app-login-fail-loginfailure |
| leef-beyondtrust-failed-logon |
beyondtrust-bi-leef-app-login-fail-connectfailure |
| leef-beyondtrust-failed-logon-1 |
beyondtrust-bi-leef-app-login-fail-failedtologon |
| leef-bit9-security-alert |
vmware-carbonblackedr-leef-alert-trigger-success-securityplatform |
| leef-broadcom-system-info |
broadcom-zos-leef-network-traffic-success-mvsb |
| leef-carbonblack-file-alert |
vmware-carbonblackedr-leef-alert-trigger-success-huntingapt28 |
| leef-carbonblack-file-alert-1 |
vmware-carbonblackappctrl-leef-alert-trigger-success-lowenforcement |
| leef-carbonblack-local-logon-1 |
vmware-carbonblackappctrl-leef-endpoint-login-success-protection |
| leef-carbonblack-local-logon-2 |
vmware-carbonblackappctrl-leef-endpoint-login-success-consoleconnect |
| leef-carbonblack-logout-1 |
vmware-carbonblackappctrl-leef-endpoint-logout-success-sessionlogoff |
| leef-carbonblack-logout-2 |
vmware-carbonblackappctrl-leef-endpoint-logout-success-consoledisconnect |
| leef-carbonblack-process-alert |
vmware-carbonblackedr-leef-alert-trigger-success-watchliststoragehitprocess |
| leef-carbonblack-security-alert |
vmware-carbonblack-leef-alert-trigger-success-privilegeescalate |
| leef-carbonblack-system-event |
vmware-carbonblackappctrl-leef-app-activity-protection |
| leef-carbonblack-usb-activity |
vmware-carbonblackappctrl-leef-peripheral-storage-tached |
| leef-carbonblack-workstation-locked |
vmware-carbonblackappctrl-leef-endpoint-lock-success-sessionlock |
| leef-carbonblack-workstation-unlocked |
vmware-carbonblackappctrl-leef-endpoint-login-success-sessionunlock |
| leef-cbdef-security-alert |
vmware-carbonblack-leef-alert-trigger-success-activethreat |
| leef-checkpoint-alert |
checkpoint-ngfw-leef-alert-trigger-success-smartdefense |
| leef-checkpoint-alert-1 |
checkpoint-am-leef-alert-trigger-success-antimalware |
| leef-checkpoint-alert-2 |
checkpoint-es-leef-alert-trigger-success-checkpoint |
| leef-checkpoint-firewall-1 |
checkpoint-ngfw-leef-network-traffic-applicationcontrol |
| leef-checkpoint-firewall-2 |
checkpoint-ngfw-leef-network-traffic-success-appcontrolandurlfiltering |
| leef-checkpoint-firewall-3 |
checkpoint-ngfw-leef-network-traffic-success-urlfiltering |
| leef-checkpoint-firewall-4 |
checkpoint-ngfw-leef-network-traffic-firewall |
| leef-crowdstrike-alert |
crowdstrike-falcon-leef-alert-trigger-success-falconhost |
| leef-crowdstrike-alert-1 |
crowdstrike-falcon-leef-app-notification-scanresults |
| leef-crowdstrike-alert-2 |
crowdstrike-falcon-leef-app-login-authactivityauditevent |
| leef-crowdstrike-alert-3 |
crowdstrike-falcon-leef-app-activity-useractivityauditevent |
| leef-crowdstrike-app-login |
crowdstrike-falcon-leef-app-login-falconhost |
| leef-crowdstrike-detectionsummaryevent |
crowdstrike-falcon-leef-alert-trigger-success-0 |
| leef-crowdstrike-dnsrequests |
crowdstrike-falcon-leef-dns-request-success-dnsrequests |
| leef-crowdstrike-documentsaccessed |
crowdstrike-falcon-leef-file-read-success-documentsaccessed |
| leef-crowdstrike-executableswritten |
crowdstrike-falcon-leef-file-write-success-executableswritten |
| leef-crowdstrike-networkaccesses |
crowdstrike-falcon-leef-network-traffic-success-networkaccesses |
| leef-cyberark-app-activity |
cyberark-pam-leef-appactivityfile-vault |
| leef-digitalguardian-dlp-email-alert-out |
dg-ndlp-leef-email-send-success-sendmail |
| leef-digitalguardian-dlp-email-alert-out-1 |
dg-ep-leef-email-send-success-28 |
| leef-digitalguardian-file-delete |
dg-ep-leef-file-delete-success-filerecycle |
| leef-digitalguardian-file-delete-1 |
dg-ep-leef-file-delete-success-17 |
| leef-digitalguardian-file-download |
dg-ep-leef-file-download-success-networktransferdownload |
| leef-digitalguardian-file-download-1 |
dg-ep-leef-file-download-success-2 |
| leef-digitalguardian-file-read-1 |
dg-ep-leef-file-read-success-fileread |
| leef-digitalguardian-file-read-2 |
dg-ep-leef-file-read-success-fileopen |
| leef-digitalguardian-file-read-3 |
dg-ep-leef-file-read-success-21 |
| leef-digitalguardian-file-upload |
dg-ep-leef-file-upload-success-networktransferupload |
| leef-digitalguardian-file-upload-1 |
dg-ep-leef-file-upload-success-3 |
| leef-digitalguardian-file-write-1 |
dg-ep-leef-file-write-success-filecopy |
| leef-digitalguardian-file-write-10 |
dg-ep-leef-file-write-success-18 |
| leef-digitalguardian-file-write-2 |
dg-ep-leef-file-write-success-filemove |
| leef-digitalguardian-file-write-3 |
dg-ep-leef-file-write-success-filewrite |
| leef-digitalguardian-file-write-4 |
dg-ep-leef-file-write-success-filerename |
| leef-digitalguardian-file-write-5 |
dg-ep-leef-file-write-success-filesaveas |
| leef-digitalguardian-file-write-6 |
dg-ep-leef-file-write-success-5 |
| leef-digitalguardian-file-write-7 |
dg-ep-leef-file-write-success-7 |
| leef-digitalguardian-file-write-8 |
dg-ep-leef-file-write-success-11 |
| leef-digitalguardian-file-write-9 |
dg-ep-leef-file-write-success-12 |
| leef-digitalguardian-local-logon |
dg-ep-leef-endpoint-login-success-userlogon |
| leef-digitalguardian-local-logon-1 |
dg-ep-leef-endpoint-login-success-23 |
| leef-digitalguardian-print-activity |
dg-ep-leef-printer-activity-success-printevent |
| leef-digitalguardian-print-activity-1 |
dg-ep-leef-printer-activity-success-22 |
| leef-digitalguardian-process-created |
dg-ep-leef-process-create-success-applicationstart |
| leef-digitalguardian-usb-insert |
dg-ep-leef-peripheral-storage-insert-success-44 |
| leef-dns-query |
bluecatnetworks-bnetworks-leef-dns-request-success-bcn |
| leef-epic-app-activity |
epic-siem-leef-app-activity-securitysiem |
| leef-eset-app-login-success |
eset-es-leef-app-login-success-nativeuser |
| leef-eset-failed-logon |
eset-ep-leef-endpoint-login-fail-auditevent |
| leef-eset-logout |
eset-es-leef-app-logout-success-remoteadministrator |
| leef-eset-network-alert |
eset-es-leef-alert-trigger-success-firewallevent |
| leef-eset-security-alert |
eset-es-leef-alert-trigger-success-threatevent |
| leef-eset-web-activity-denied |
eset-es-leef-http-session-fail-blocked |
| leef-eset-web-activity-denied-1 |
eset-es-leef-http-session-fail-eset |
| leef-fireeye-alert |
fireeye-networksecurity-leef-alert-trigger-success-malwareobject |
| leef-guardium-db-failed-login |
ibm-guardium-leef-database-login-fail-loginfailed |
| leef-guardium-db-query |
ibm-guardium-leef-database-query-success-sql |
| leef-guardium-db-query-1 |
ibm-guardium-leef-database-query-success-sql-1 |
| leef-ibm-sense-alert |
ibm-s-leef-alert-trigger-success-ubaoffense |
| leef-incapsula-web-activity |
imperva-incapsula-leef-http-session-siemintegration |
| leef-lastline-security-alert |
vmware-nsxatp-leef-alert-trigger-success-email |
| leef-lastline-system-info |
vmware-lastline-leef-app-notification-appliancestatus |
| leef-mssql-database-failed-login |
microsoft-mssql-leef-database-login-fail-18456 |
| leef-mssql-database-login-1 |
microsoft-mssql-leef-database-login-success-18453 |
| leef-mssql-database-login-2 |
microsoft-mssql-leef-database-login-success-18454 |
| leef-mwg-proxy |
mcafee-wg-leef-http-session-webgateway |
| leef-paloalto-app-activity |
pan-gp-leef-app-activity-success-gatewayhipcheck |
| leef-paloalto-app-activity-1 |
pan-gp-leef-app-activity-success-gatewayhipreport |
| leef-paloalto-app-activity-2 |
pan-gp-leef-app-activity-success-getconfig |
| leef-paloalto-firewall-alert |
pan-ngfw-leef-alert-trigger-success-alert |
| leef-paloalto-firewall-allow |
pan-ngfw-leef-network-traffic-success-allow |
| leef-paloalto-firewall-deny |
pan-ngfw-leef-network-traffic-fail-deny |
| leef-paloalto-firewall-deny-1 |
pan-ngfw-leef-network-traffic-fail-deny-1 |
| leef-paloalto-firewall-drop |
pan-ngfw-leef-network-traffic-fail-drop |
| leef-paloalto-vpn-end |
pan-gp-leef-vpn-logout-success-globalprotect |
| leef-paloalto-vpn-login |
pan-gp-leef-vpn-login-success-globalprotect-3 |
| leef-paloalto-vpn-login-1 |
pan-gp-leef-vpn-login-globalprotect-4 |
| leef-paloalto-vpn-start |
pan-gp-leef-vpn-login-globalprotect-5 |
| leef-pan-authentication-failed |
pan-ngfw-leef-endpoint-authentication-fail-authfail |
| leef-pan-authentication-successful |
pan-ngfw-leef-endpoint-authentication-success-authsuccess |
| leef-pan-authentication-successful-1 |
pan-ngfw-leef-endpoint-authentication-success-signvalidated |
| leef-pan-proxy |
pan-ngfw-leef-http-session-threat |
| leef-pan-remote-logon |
pan-ngfw-leef-endpoint-login-fail-general |
| leef-pan-spyware-alert |
pan-wildfire-leef-alert-trigger-success-spyware |
| leef-pan-system-info |
pan-wildfire-leef-app-activity-general |
| leef-pan-system-logoff |
pan-wildfire-leef-app-logout-loggedout |
| leef-pan-virus-alert |
pan-wildfire-leef-alert-trigger-success-virus |
| leef-pan-vpn-logout |
pan-gp-leef-vpn-logout-success-gatewaylogout |
| leef-pan-vpn-start |
pan-gp-leef-vpn-login-success-globalprotect-2 |
| leef-pan-vulnerability-alert |
pan-wildfire-leef-alert-trigger-success-vulnerability |
| leef-pan-wildfire-alert |
pan-wildfire-leef-alert-trigger-success-wildfire |
| leef-securesphere-db-alert |
imperva-securesphere-leef-alert-trigger-success-alertdescription |
| leef-securesphere-db-alert-1 |
imperva-securesphere-leef-alert-trigger-success-description |
| leef-stealthwatch-network-alert |
cisco-securenwanalytics-leef-alert-trigger-success-alarmid |
| leef-trendmicro-file-alert |
trendmicro-ds-leef-endpoint-activity-success-integritymonitor |
| leef-trendmicro-network-alert |
trendmicro-officescan-leef-network-session-fail-firewall |
| leef-trendmicro-privileged-object-access |
trendmicro-officescan-leef-user-privilege-use-success-4674 |
| leef-trendmicro-security-alert |
trendmicro-officescan-leef-alert-trigger-success-antimalware |
| leef-trendmicro-system-info |
trendmicro-ds-leef-alert-trigger-loginspection |
| leef-varonis-security-alert |
varonis-dsp-leef-alert-trigger-success-varonis |
| legacyParserName |
nextGenParserName |
| lenel-badge-access |
lenel-og-kv-physical-location-access-cardium |
| lenel-badge-access-2 |
lenel-og-json-physical-location-access-empid |
| lenel-badge-access-3 |
lenel-og-kv-physical-location-access-success-accessgranted |
| lexmark-print-activity |
lexmark-l-cef-printer-activity-success-printjob |
| lieberman-erpm |
beyondtrust-prividentity-kv-user-privilege-use-success-seventid |
| lieberman-events-2001 |
beyondtrust-prividentity-kv-app-authentication-fail-refused |
| lieberman-events-2006 |
beyondtrust-prividentity-kv-app-authentication-2006 |
| lieberman-events-3013 |
beyondtrust-prividentity-kv-app-notification-genericmessage |
| lieberman-events-3017 |
beyondtrust-prividentity-kv-app-activity-privilegedidentity |
| lieberman-events-3019 |
beyondtrust-prividentity-kv-app-activity-privilegedidentity-1 |
| linux-dhcp-request |
linux-dhcp-str-dhcp-session-success-dhcprequest |
| liquidfiles-app-login |
liquidfiles-l-json-app-login-success-ldapauthentication |
| liquidfiles-failed-app-login |
liquidfiles-l-json-app-login-fail-ldapauthenticationerror |
| liquidfiles-file-download |
liquidfiles-l-json-file-download-success-downloadsuccess |
| liquidfiles-file-upload |
liquidfiles-l-json-file-upload-success-binaryuploadcomplete |
| liquidfiles-security-alert |
liquidfiles-l-json-alert-trigger-success-forbidden |
| lmc-vpn-login |
ibm-lmc-json-vpn-login-lmclogin |
| logrhythm-0365-account-password-change |
microsoft-o365-kv-user-password-modify-success-changeduserpassword |
| logrhythm-0365-app-login |
microsoft-o365-kv-app-login-success-userloggedin |
| logrhythm-0365-failed-app-login |
microsoft-o365-kv-app-login-fail-workload |
| logrhythm-o365-app-activity |
microsoft-m365auditlogs-kv-file-download-filesyncdownloadedfull |
| logrhythm-o365-app-activity-10 |
microsoft-m365auditlogs-kv-user-modify-updateuser |
| logrhythm-o365-app-activity-11 |
microsoft-m365auditlogs-kv-group-modify-updategroup |
| logrhythm-o365-app-activity-12 |
microsoft-m365auditlogs-kv-endpoint-modify-success-updatedevice |
| logrhythm-o365-app-activity-13 |
microsoft-m365auditlogs-kv-user-modify-success-updatestsrefreshtokenvalidfromtimestamp |
| logrhythm-o365-app-activity-14 |
microsoft-m365auditlogs-kv-user-modify-success-updateserviceprincipal |
| logrhythm-o365-app-activity-15 |
microsoft-m365auditlogs-kv-user-modify-changeuserlicense |
| logrhythm-o365-app-activity-16 |
microsoft-m365auditlogs-kv-user-create-adduser |
| logrhythm-o365-app-activity-17 |
microsoft-m365auditlogs-kv-email-send-success-send |
| logrhythm-o365-app-activity-18 |
microsoft-m365auditlogs-kv-email-send-success-sendonbehalf |
| logrhythm-o365-app-activity-19 |
microsoft-m365auditlogs-kv-email-send-sendas |
| logrhythm-o365-app-activity-2 |
microsoft-m365auditlogs-kv-file-share-sharingset |
| logrhythm-o365-app-activity-20 |
microsoft-m365auditlogs-kv-mailbox-item-create-create |
| logrhythm-o365-app-activity-21 |
microsoft-m365auditlogs-kv-app-login-success-teamssessionstarted |
| logrhythm-o365-app-activity-22 |
microsoft-m365auditlogs-kv-report-read-success-viewreport |
| logrhythm-o365-app-activity-23 |
microsoft-m365auditlogs-kv-file-download-success-exportartifact |
| logrhythm-o365-app-activity-3 |
microsoft-m365auditlogs-kv-file-read-success-pageviewed |
| logrhythm-o365-app-activity-4 |
microsoft-m365auditlogs-kv-file-property-modify-sharinginheritancebroken |
| logrhythm-o365-app-activity-5 |
microsoft-m365auditlogs-kv-group-member-add-addedtogroup |
| logrhythm-o365-app-activity-6 |
microsoft-m365auditlogs-kv-group-create-groupadded |
| logrhythm-o365-app-activity-7 |
microsoft-m365auditlogs-kv-app-notification-success-pageprefetched |
| logrhythm-o365-app-activity-8 |
microsoft-m365auditlogs-kv-share-link-open-success-companylinkused |
| logrhythm-o365-app-activity-9 |
microsoft-m365auditlogs-kv-file-unshare-sharingrevoked |
| logrhythm-o365-file-activity |
microsoft-o365-kv-file-read-success-fileaccessed |
| logrhythm-o365-file-delete |
microsoft-o365-kv-file-delete-success-filedeleted |
| logrhythm-o365-file-delete-2 |
microsoft-o365-kv-file-delete-success-folderdeleted |
| logrhythm-o365-file-delete-3 |
microsoft-o365-kv-file-delete-success-fileversions |
| logrhythm-o365-file-read |
microsoft-o365-kv-file-read-success-filepreviewed |
| logrhythm-o365-file-read-2 |
microsoft-o365-kv-file-read-success-fileaccessedextended |
| logrhythm-o365-file-read-3 |
microsoft-o365-kv-file-read-success-filedownloaded |
| logrhythm-o365-file-read-4 |
microsoft-o365-kv-file-read-success-pageviewed |
| logrhythm-o365-file-read-5 |
microsoft-o365-kv-file-read-success-pageviewedextended |
| logrhythm-o365-file-read-6 |
microsoft-o365-kv-file-read-success-anonymouslinkused |
| logrhythm-o365-file-read-7 |
microsoft-o365-kv-file-read-success-clientviewsignaled |
| logrhythm-o365-file-upload |
microsoft-o365-kv-file-upload-success-fileuploaded |
| logrhythm-o365-file-write |
microsoft-o365-kv-file-write-success-filesyncuploadedfull |
| logrhythm-o365-file-write-2 |
microsoft-o365-kv-file-write-success-filemodifiedextended |
| logrhythm-o365-file-write-3 |
microsoft-o365-kv-file-write-success-filemodified |
| logrhythm-o365-file-write-4 |
microsoft-o365-kv-file-write-success-filemoved |
| logrhythm-o365-file-write-5 |
microsoft-o365-kv-file-write-success-filerenamed |
| logrhythm-o365-file-write-6 |
microsoft-o365-kv-file-write-success-foldercreated |
| logrhythm-o365-file-write-7 |
microsoft-o365-kv-file-write-success-filecopied |
| logrhythm-o365-file-write-8 |
microsoft-o365-kv-file-write-success-anonymouslinkcreated |
| logstash-4624 |
microsoft-evsecurity-json-endpoint-login-success-4624-3 |
| logstash-4768 |
microsoft-evsecurity-json-endpoint-4768-1 |
| logstash-4769 |
microsoft-evsecurity-json-endpoint-login-4769-3 |
| lumension-failed-usb-activity-1 |
lumension-l-kv-peripheral-storage-activity-fail-readdenied |
| lumension-failed-usb-activity-2 |
lumension-l-kv-peripheral-storage-activity-fail-writedenied |
| lumension-failed-usb-activity-3 |
lumension-l-csv-peripheral-storage-activity-fail-writedenied-1 |
| lumension-failed-usb-activity-4 |
lumension-l-csv-peripheral-storage-activity-fail-readdenied-1 |
| lumension-usb-activity |
lumension-l-kv-peripheral-storage-activity-success-devicedetached |
| lumension-usb-activity-1 |
lumension-l-cef-peripheral-storage-activity-success-devicecontrol |
| lumension-usb-insert-1 |
lumension-l-kv-peripheral-storage-insert-success-deviceattached |
| lumension-usb-insert-2 |
lumension-l-kv-peripheral-storage-insert-success-mediuminserted |
| lumension-usb-read |
lumension-l-kv-file-read-success-readgranted |
| lumension-usb-write |
lumension-l-kv-file-write-success-writegranted |