This part of the OSSEM project contains specific information about several security event logs organized by operating system and their respective data sets. Each dictionary describes a single event log and its corresponding event field names. The difference between the ../common_information_model/ folder and the data dictionaries is that in the CIM the field definitions are more general whereas in a data dictionary, each field name definition is unique to the specific event log.
| Data Set | Description |
|---|---|
| FreeBSD | Data dictionaries for FreeBSD based events. |
| Linux | Data dictionaries for Linux based events. |
| macOS | Data dictionaries for macOS based events. |
| Windows | Data dictionaries for Windows based events. |
| Zeek Event Logs | Zeek provides, network, metadata on over 40+ different applications and protocols. |