tag :: Client Event Artifact

• Demo.Plugins.Fifo
• Generic.Client.LocalLogs
• Generic.Client.Stats
• Linux.Events.DNS
• Linux.Events.EBPF
• Linux.Events.HTTPConnections
• Linux.Events.Journal
• Linux.Events.ProcessExecutions
• Linux.Events.SSHBruteforce
• Linux.Events.SSHLogin
• Linux.Events.TrackProcesses
• System.Flow.Archive
• System.Flow.Completion
• System.Hunt.Archive
• System.Upload.Completion
• Windows.Detection.ProcessCreation
• Windows.Detection.PsexecService
• Windows.Detection.PsexecService.Kill
• Windows.Detection.Registry
• Windows.Detection.Service.Upload
• Windows.Detection.Thumbdrives.List
• Windows.Detection.Thumbdrives.OfficeKeywords
• Windows.Detection.Thumbdrives.OfficeMacros
• Windows.Detection.Usn
• Windows.Detection.WMIProcessCreation
• Windows.ETW.DNS
• Windows.ETW.DNSQueriesServer
• Windows.ETW.EdgeURLs
• Windows.ETW.ETWSessions
• Windows.ETW.FileCreation
• Windows.ETW.KernelFile
• Windows.ETW.KernelNetwork
• Windows.ETW.KernelProcess
• Windows.ETW.Registry
• Windows.ETW.WMIProcessCreate
• Windows.Events.EventLogModifications
• Windows.Events.FailedLogBeforeSuccess
• Windows.Events.Kerberoasting
• Windows.Events.Mutants
• Windows.Events.ProcessCreation
• Windows.Events.ServiceCreation
• Windows.Events.Trackaccount
• Windows.Events.TrackProcesses
• Windows.Events.TrackProcessesBasic
• Windows.Events.TrackProcessesETW
• Windows.Forensics.LocalHashes.Usn
• Windows.Remediation.QuarantineMonitor
• Windows.Sysinternals.SysmonLogForward