usb
October 17, 2024 · View on GitHub
Expression
product = "usb"
Fields
| Field | Core | Detection | Informational |
|---|---|---|---|
| file_name | ✓ | ||
| bytes | ✓ | ||
| device_type | ✓ | ||
| fallback_user_name | |||
| user | ✓ |
Activity Types
| Activity Type | Field | Status | Core | Detection | Informational |
|---|---|---|---|---|---|
| peripheral_storage-activity | device_product | ✓ | |||
| device_pid | ✓ | ||||
| device_description | ✓ | ||||
| device_class | ✓ | ||||
| device_vendor | ✓ | ||||
| device_vid | ✓ |