Supported Log Types
Windows Event Log types that can be processed and sent to your SIEM
| Log Type | Status | Description | Event Channel |
|---|---|---|---|
| Sysmon | Supported | System Monitor (Sysmon) logs provide detailed process, network, file, and registry activity. All Sysmon event IDs are supported. | Microsoft-Windows-Sysmon/Operational |
| Windows Security | Not Supported | Windows Security Event Log. Support for processing Security logs is planned for future releases. | Security |
| Windows System | Not Supported | Windows System Event Log. Support for processing System logs is planned for future releases. | System |
| Windows Application | Not Supported | Windows Application Event Log. Support for processing Application logs is planned for future releases. | Application |

Note: Currently, only Sysmon logs can be processed and sent to your SIEM. Support for other Windows Event Log types is planned for future releases.