Event Categories
Application Activity
Name: application
- API Activity
- Application Activity
- Application Lifecycle
- Datastore Activity
- File Hosting Activity
- Scan Activity
- Web Resource Access Activity
- Web Resources Activity
Discovery
Name: discovery
- Admin Group Query
- Device Config State
- Device Config State Change
- Discovery
- Discovery Result
- File Query
- Folder Query
- Device Inventory Info
- Job Query
- Kernel Object Query
- Module Query
- Network Connection Query
- Networks Query
- OSINT Inventory Info
- Operating System Patch State
- Peripheral Device Query
- Prefetch Query
- Process Query
- Registry Key Query
- Registry Value Query
- Service Query
- User Session Query
- Software Inventory Info
- User Inventory Info
- User Query
Findings
Name: findings
- Compliance Finding
- Data Security Finding
- Detection Finding
- Finding
- Incident Finding
- Security Finding
- Vulnerability Finding
Identity & Access Management
Name: iam
- Account Change
- Authentication
- Authorize Session
- Entity Management
- Group Management
- Identity & Access Management
- User Access Management
Network Activity
Name: network
- DHCP Activity
- DNS Activity
- Email Activity
- Email Delivery Activity
- Email File Activity
- Email URL Activity
- FTP Activity
- HTTP Activity
- Network
- Network Activity
- Network File Activity
- NTP Activity
- RDP Activity
- SMB Activity
- SSH Activity
- Tunnel Activity
Remediation
Name: remediation
- File Remediation Activity
- Network Remediation Activity
- Process Remediation Activity
- Remediation Activity
System Activity
Name: system
- Event Log Activity
- File System Activity
- Kernel Activity
- Kernel Extension Activity
- Memory Activity
- Module Activity
- Process Activity
- Registry Key Activity
- Registry Value Activity
- Windows Resource Activity
- Scheduled Job Activity
- System Activity
- Windows Service Activity
This page describes qdm-1.3.2+ocsf-1.3.0
Updated 6 months ago