| | |
|---|
- | - | Union table - box.all.win This is a union table that collects events from a set of tables for easy access and analysis. Learn more about this union table in this article. |
| IBM AS/400 | More information |
IBM z/OS | More information |
More information |
| UNIX audit | Union table - box.audit.unix This is a union table that collects events from a set of tables for easy access and analysis. Learn more about this union table in this article. box.audit.unix.audispd
box.audit.unix.auditd
box.audit.unix.goAudit
More information |
UNIX osquery | box.osquery.unix.info
box.osquery.unix.results
More information |
UNIX system logs | More information |
UNIX 8 system logs | More information |
CloudWatch logs on UNIX | More information |
UNIX stat logs | box.stat.unix.diskstat
box.stat.unix.dstatLt1
box.stat.unix.tags
More information |
| Docker container logs | More information |
| Linux iptables | More information |
| macOS | More information |
macOS NXLog | More information |
| VMware | box.vmware.esx
box.vmware.firewall
box.vmware.vcenter
More information |
| Microsoft Azure | box.stat.azure.dstatLt1
box.stat.azure.tags
More information |
Windows events | Deprecated parser Note that the box.win parser is deprecated and no longer supported by Devo. We recommend to use the corresponding box.win_* parser for your specific technology. Learn more about these parsers below in this table. More information |
Windows Classic | More information |
Windows CloudWatch | More information |
Windows InTrust | More information |
Windows Kinesis Agent | More information |
Windows NXLog | box.win_nxlog
box.win_nxlog.adfs
box.win_nxlog.application
box.win_nxlog.dns
box.win_nxlog.group_policy
box.win_nxlog.invalid
box.win_nxlog.other
box.win_nxlog.powershell
box.win_nxlog.print
box.win_nxlog.remote_conn
box.win_nxlog.security
box.win_nxlog.smb
box.win_nxlog.sysmon
box.win_nxlog.system
box.win_nxlog.windows_powershell
More information |
WinQuest | More information |
Snare Windows Agent | More information |
SolarWinds | box.win_solarwinds
box.win_solarwinds.application
box.win_solarwinds.other
box.win_solarwinds.powershell
box.win_solarwinds.security
box.win_solarwinds.setup
box.win_solarwinds.system
More information |
Windows System Monitor (Sysmon) | More information |
Winlogbeat | box.win_winlogbeat
box.win_winlogbeat.adpwprotect
box.win_winlogbeat.application
box.win_winlogbeat.applocker
box.win_winlogbeat.authentication
box.win_winlogbeat.bitsClient
box.win_winlogbeat.codeintegrity
box.win_winlogbeat.deviceguard
box.win_winlogbeat.forwarding
box.win_winlogbeat.kernelPnp
box.win_winlogbeat.ntlm
box.win_winlogbeat.oalerts
box.win_winlogbeat.powershell
box.win_winlogbeat.security
box.win_winlogbeat.securityMitigations
box.win_winlogbeat.setup
box.win_winlogbeat.smb
box.win_winlogbeat.sysmon
box.win_winlogbeat.system
box.win_winlogbeat.taskscheduler
box.win_winlogbeat.terminalservices
box.win_winlogbeat.win32k
box.win_winlogbeat.windows_defender
box.win_winlogbeat.windows_firewall
box.win_winlogbeat.windowsupdateclient
box.win_winlogbeat.wmiActivity
More information |
Windows stat logs | box.stat.win.diskstat
box.stat.win.dstatLt1
box.stat.win.heartbeat
box.stat.win.tags
More information |
