file-write

Description

A file was created or edited

Parameters

Parameter	Value
Subject	file
Activity	write
Activity Type	file-write
Pretty Name	File Write

Legacy Names

Success	Fail
file-write usb-write	file-write usb-write

Fields

The possible fields for this activity type will vary depending on whether the activity was a success or a fail.

file-write:success

Field	Core	Detection	Informational
is_dok		✓
is_peripheral_storage		✓
device_pid		✓
device_vid		✓
cid			✓

file-write:fail

Field	Core	Detection	Informational
failure_code		✓
is_dok		✓
failure_reason		✓
cid			✓