Overview
This will help you to search events from LTS based on API devices.
Device Name | Search Tag | |
|---|---|---|
| 1 | AWS ALB | awsalb_logs |
| 2 | AWS Cloudtrail | aws_cloudwatch |
| 3 | AWS RDS | awsrds_logs |
| 4 | AWS RDS Audit | aws_s3bucket |
| 5 | Azure Activity | azureact |
| 6 | Azure AD | azuread |
| 7 | Azure OneDrive | azureonedrive |
| 8 | Azure OutLook | azureoutlook |
| 9 | Azure Security Alerts | azurealerts |
| 10 | Azure SharePoint | azuresharepoint |
| 11 | Box Device | boxdev |
| 12 | Cisco AMP | Cisco_AMP_EP |
| 13 | Cisco Umbrella Logs | ciscoumbrella_log |
| 14 | Google cloud | google_cloud |
| 15 | Google Workspace | gsuite |
| 16 | Holm Security | holm_security |
| 17 | MSSQL | window_mssql |
| 18 | Nessus | nessus |
| 19 | Openvas | openvas |
| 20 | Oracle Cloud Infrastructure | ocilogs |
| 21 | Seqrite DLP | seq_dlp |
| 22 | Seqrite Virus | seq_virusscan |
| 23 | Seqrite Web Security | seq_web_security |
| 24 | Zoom App | zoom_app |
| 25 | Zscaler | ZscalerIP |
| 26 | TrendMicro CAS | trendmicrocas |