| HttpActivity |
HTTP Activity events report HTTP connection and traffic information |
no |
| NtpActivity |
The Network Time Protocol (NTP) Activity events report instances of remote |
no |
| UnmannedSystemsEvent |
The Unmanned Systems event is a generic event that defines a set of attribute... |
yes |
| DatastoreActivity |
Datastore events describe general activities (Read, Update, Query, Delete, |
yes |
| DnsActivity |
DNS Activity events report DNS queries and answers as seen on the network |
no |
| WebResourcesActivity |
Web Resources Activity events describe actions executed on a set of Web |
yes |
| IamEvent |
The Identity & Access Management event is a generic event that defines a set ... |
yes |
| NetworkEvent |
Network event is a generic event that defines a set of attributes available i... |
yes |
| FtpActivity |
File Transfer Protocol (FTP) Activity events report file transfers between a |
no |
| UserAccess |
User Access Management events report management updates to a user's privilege... |
no |
| AirborneBroadcastActivity |
Airborne Broadcast Activity events report the activity of any aircraft or |
yes |
| DataSecurityFinding |
A Data Security Finding describes detections or alerts generated by various |
yes |
| NetworkFileActivity |
Network File Activity events report file activities traversing the network, |
yes |
| SmbActivity |
Server Message Block (SMB) Protocol Activity events report client/server |
no |
| RdpActivity |
Remote Desktop Protocol (RDP) Activity events report post-authentication remo... |
no |
| NetworkActivity |
Network Activity events report network connection and traffic activity |
yes |
| WebResourceAccessActivity |
Web Resource Access Activity events describe successful/failed attempts to |
yes |
| Evidences |
A collection of evidence artifacts associated to the activity/activities that |
yes |
| SshActivity |
SSH Activity events report remote client connections to a server using the |
no |
| AccountChange |
Account Change events report when specific user account management tasks are |
no |
| GroupManagement |
Group Management events report management updates to a group, including updat... |
no |
| TunnelActivity |
Tunnel Activity events report secure tunnel establishment (such as VPN), |
yes |
| Authentication |
Authentication events report authentication session activities, including use... |
no |
| DroneFlightsActivity |
Drone Flights Activity events report the activity of Unmanned Aerial Systems |
yes |
| AuthorizeSession |
Authorize Session events report privileges or groups assigned to a new user |
no |
| WindowsEvidences |
Extends the evidences object to add Windows specific fields |
no |
| ApiActivity |
API events describe general CRUD (Create, Read, Update, Delete) API activitie... |
yes |
| EventLogActvity |
Event Log Activity events report actions pertaining to the system's event |
yes |
| EntityManagement |
Entity Management events report activity by a managed client, a micro service... |
no |
| EmailActivity |
Email Activity events report SMTP protocol and email activities including tho... |
yes |
| FileHosting |
File Hosting Activity events report the actions taken by file management |
yes |
| DhcpActivity |
DHCP Activity events report MAC to IP assignment via DHCP from a client or |
yes |