30 lines
765 B
Plaintext
Executable File
30 lines
765 B
Plaintext
Executable File
[WinEventLog://Microsoft-Windows-Sysmon/Operational]
|
|
index = sysmon
|
|
disabled = false
|
|
renderXml = true
|
|
|
|
[monitor://c:\programdata\osquery\log\osqueryd.results.log]
|
|
index = osquery
|
|
disabled = false
|
|
sourcetype = osquery:json
|
|
|
|
[monitor://c:\programdata\osquery\log\osqueryd.snapshots.log]
|
|
index = osquery
|
|
disabled = false
|
|
sourcetype = osquery:json
|
|
|
|
[monitor://c:\programdata\osquery\log\osqueryd.INFO.*]
|
|
index = osquery-status
|
|
disabled = false
|
|
sourcetype = osquery-info:syslog
|
|
|
|
[monitor://c:\programdata\osquery\log\osqueryd.WARNING.*]
|
|
index = osquery-status
|
|
disabled = false
|
|
sourcetype = osquery-warn:syslog
|
|
|
|
[monitor://c:\programdata\osquery\log\osqueryd.ERROR.*]
|
|
index = osquery-status
|
|
disabled = false
|
|
sourcetype = osquery-error:syslog
|