Data dictionaries for Windows based events.
| Data Set | Description |
|---|---|
| Windows Carbon Black Event Logs | Carbon Black data schema as defined by the Carbon Black Developer Resources. |
| Windows Endgame Event Logs | Endgame's event types according to "User Guide 3. |
| Event Tracing for Windows Logs | The Event Tracing for Windows (ETW) infrastructure provides the foundation for Windows Performance Toolkit. |
| Windows Osquery Event Logs | Osquery schema is defined in tables by osquery engineers. |
| PowerShell Event Logs | None. |
| SO Host Data Event Logs | None. |
| Sysmon Event Logs | System Monitor (Sysmon) is a Windows system service and device driver that, once installed on a system, remains resident across system reboots to monitor and log system activity to the Windows event log. |
| Windows Defender Advanced Threat Protection Event Logs | None. |