31 lines
No EOL
474 B
YAML
31 lines
No EOL
474 B
YAML
##RDP
|
|
source: wineventlog
|
|
event_channel: Security
|
|
event_ids:
|
|
- 4625
|
|
- 4623
|
|
event_level: information
|
|
labels:
|
|
type: eventlog
|
|
---
|
|
##Firewall
|
|
filenames:
|
|
- C:\Windows\System32\LogFiles\Firewall\pfirewall.log
|
|
labels:
|
|
type: windows-firewall
|
|
---
|
|
##SQL Server
|
|
source: wineventlog
|
|
event_channel: Application
|
|
event_ids:
|
|
- 18456
|
|
event_level: information
|
|
labels:
|
|
type: eventlog
|
|
---
|
|
##IIS
|
|
use_time_machine: true
|
|
filenames:
|
|
- C:\inetpub\logs\LogFiles\*\*.log
|
|
labels:
|
|
type: iis |