Default index patterns

UTMStack includes default index patterns such as:

  • alert-*: Queries all data in the data engine associated with alerts.
  • dc-*: Queries all information associated with Active Directory.
  • log-*: Queries all data in the data engine associated with all types of logs (NIDS, DNS, AWS, Azure, Firewalls, Office 365, IIS, NetFlow, Metric, and many more).
  • log-nids-*: Queries only data associated with NIDS logs.
  • log-aws-*: Queries only data associated with AWS logs.
  • log-azure-*: Queries only data associated with Azure logs.
  • log-o365-*: Queries only data associated with Office 365 (o365) logs.
  • log-firewall-*: Queries all data associated with all types of firewalls.
  • log-firewall-sophos-*: Queries only data associated with the Sophos firewall.
  • log-firewall-meraki-*: Queries only data associated with the Meraki firewall.
  • log-firewall-cisco-asa-*: Queries only data associated with the Cisco ASA firewall.
  • and others.