Default index patterns
UTMStack includes default index patterns such as:
- alert-*: Query all data in the data engine associated with alerts.
- dc-*: Query all information associated with Active Directory.
- log-*: Query all data in the data engine associated with all types of logs (NIDS, DNS, AWS, Azure, Firewalls, Office 365, IIS, Netflow, Metric, and more).
- log-nids-*: Query data specific to NIDS logs.
- log-aws-*: Query data specific to AWS logs.
- log-azure-*: Query data specific to Azure logs.
- log-o365-*: Query data specific to Office 365 (o365) logs.
- log-firewall-*: Query all data associated with all types of firewalls.
- log-firewall-sophos-*: Query data specific to the Sophos firewall.
- log-firewall-meraki-*: Query data specific to the Meraki firewall.
- log-firewall-cisco-asa-*: Query data specific to the Cisco ASA firewall.
- and others.