Vendor: MicrosoftJune 14, 2023 · View on GitHubProduct: Sysmon Use-Case: Data Leak RulesModelsMITRE ATT&CK® TTPsEvent TypesParsers10111 Event TypeRulesModelsfile-writeT1114.001 - T1114.001 ↳ FA-Outlook-pst: A file ends with either pst or ost