clientview
April 24, 2024 · View on GitHub
Expression
product = "clientview"
Fields
There are no fields for this extension.
Activity Types
| Activity Type | Field | Status | Core | Detection | Informational |
|---|---|---|---|---|---|
| app-activity | src_ip | Default | ✓ | ||
| additional_info | Default | ✓ | |||
| domain | Default | ✓ | |||
| domain_user_name | |||||
| src_host | Default | ✓ | |||
| user | Default | ✓ | |||
| email-send | src_ip | Default | ✓ | ||
| src_host | Default | ✓ | |||
| file-delete | src_ip | ||||
| access | Legacy | ✓ | |||
| bytes | |||||
| hash_md5 | |||||
| local_user_name | |||||
| src_host | Legacy | ✓ | |||
| user | Legacy | ✓ | ✓ | ||
| file-download | access | ||||
| dest_ip | |||||
| domain | |||||
| dest_host | Legacy | ✓ | |||
| domain_user_name | |||||
| dest_file_dir | |||||
| user | Legacy | ✓ | ✓ | ||
| file-read | src_ip | ||||
| access_type | |||||
| access | Legacy | ✓ | |||
| bytes | Legacy | ✓ | |||
| hash_md5 | |||||
| local_user_name | |||||
| src_host | Legacy | ✓ | |||
| user | Legacy | ✓ | ✓ | ||
| file-upload | src_ip | ||||
| access | |||||
| domain | |||||
| domain_user_name | |||||
| src_host | Legacy | ✓ | |||
| user | Legacy | ✓ | ✓ | ||
| file-write | src_ip | ||||
| access | Legacy | ✓ | |||
| bytes | Legacy | ✓ | |||
| hash_md5 | |||||
| local_user_name | |||||
| src_host | |||||
| user | Legacy | ✓ | ✓ | ||
| http-session | src_host | Default | ✓ | ||
| printer-activity | src_ip | ||||
| file_path | |||||
| dest_ip | |||||
| num_pages | Legacy | ✓ | |||
| local_user_name | |||||
| printer_name | Legacy | ✓ | ✓ | ||
| src_host | Legacy | ✓ | |||
| user | Legacy | ✓ | ✓ | ||
| object | |||||
| process-create | src_ip | Default | ✓ | ||
| hash_md5 | Default | ✓ | |||
| session_id | Default | ✓ | |||
| user | Default | ✓ |