kiteworks
October 17, 2024 · View on GitHub
Expression
product = "kiteworks"
Fields
| Field | Core | Detection | Informational |
|---|---|---|---|
| src_ip | ✓ | ||
| domain | ✓ | ||
| fallback_user_name | |||
| domain_user_name | |||
| user | ✓ | ✓ |
Activity Types
| Activity Type | Field | Status | Core | Detection | Informational |
|---|---|---|---|---|---|
| app-activity | access | Default | ✓ | ||
| additional_info | Default | ✓ | |||
| bytes | Default | ✓ | |||
| mime | Default | ✓ | |||
| user_agent | Default | ✓ | |||
| url | Default | ✓ | |||
| app-login | access | Default | ✓ | ||
| mime | Default | ✓ | |||
| user_agent | Default | ✓ | |||
| url | Default | ✓ | |||
| configuration-modify | additional_info | ||||
| mime | |||||
| operation | |||||
| url | |||||
| user_agent | |||||
| proxy_ip | |||||
| email-create | attachment | Default | ✓ | ||
| additional_info | Default | ✓ | |||
| bytes | Default | ✓ | |||
| mime | Default | ✓ | |||
| operation | Default | ✓ | |||
| url | Default | ✓ | |||
| user_agent | Default | ✓ | |||
| email-delete | additional_info | Default | ✓ | ||
| bytes | Default | ✓ | |||
| mime | Default | ✓ | |||
| operation | Default | ✓ | |||
| url | Default | ✓ | |||
| user_agent | Default | ✓ | |||
| email-modify | attachment | Default | ✓ | ||
| additional_info | Default | ✓ | |||
| bytes | Default | ✓ | |||
| mime | Default | ✓ | |||
| operation | Default | ✓ | |||
| url | Default | ✓ | |||
| user_agent | Default | ✓ | |||
| email-read | additional_info | Default | ✓ | ||
| bytes | Default | ✓ | |||
| mime | Default | ✓ | |||
| dest_user | Default | ✓ | |||
| operation | Default | ✓ | |||
| url | Default | ✓ | |||
| user_agent | Default | ✓ | |||
| email-recipient-add | additional_info | Default | ✓ | ||
| bytes | Default | ✓ | |||
| mime | Default | ✓ | |||
| operation | Default | ✓ | |||
| url | Default | ✓ | |||
| user_agent | Default | ✓ | |||
| email-send | additional_info | Default | ✓ | ||
| bytes | Default | ✓ | |||
| mime | Default | ✓ | |||
| operation | Default | ✓ | |||
| url | Default | ✓ | |||
| user_agent | Default | ✓ | |||
| file-delete | access | Legacy | ✓ | ||
| file-download | access | ✓ | |||
| file-permission-modify | access | Legacy | ✓ | ||
| file-read | access | Legacy | ✓ | ||
| file-upload | access | ✓ | |||
| file-write | access | Legacy | ✓ | ||
| user-delete | additional_info | ||||
| mime | |||||
| dest_host | Legacy | ✓ | |||
| operation | |||||
| url | |||||
| user_agent | |||||
| user-lock | |||||
| user-modify | dest_host | Legacy | ✓ | ||
| operation | |||||
| user-password-modify | access | Default | ✓ | ||
| mime | Default | ✓ | |||
| user_agent | Default | ✓ | |||
| url | Default | ✓ | |||
| user-password-reset | access | ✓ | |||
| mime | ✓ | ||||
| user_agent | ✓ | ||||
| url | ✓ | ||||
| user-unlock |