You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
25 lines
581 B
25 lines
581 B
EventCode,EventDescription
|
|
1,"Process Create"
|
|
2,"File Create Time"
|
|
3,"Network Connect"
|
|
4,"Sysmon Start"
|
|
5,"Process Terminate"
|
|
6,"Driver Load"
|
|
7,"Image Load"
|
|
8,"Create Remote Thread"
|
|
9,"Raw Access Read"
|
|
10,"Process Access"
|
|
11,"File Created"
|
|
12,"Registry object added or deleted"
|
|
13,"Registry value set"
|
|
14,"Registry object renamed"
|
|
15,"File stream created"
|
|
16,"Sysmon Configuration Changed"
|
|
17,"Pipe Created"
|
|
18,"Pipe Connected"
|
|
19,"WmiEventFilter activity detected"
|
|
20,"WmiEventConsumer activity detected"
|
|
21,"WmiEventConsumerToFilter activity detected"
|
|
22,"DNS Query"
|
|
255,"Error"
|