Variable Fields
Additional fields may be present following the persistent fields already mentioned. These are message type dependent and can vary over time and can be enabled and disabled using the Event Filters option within an event forwarder connector in BeyondInsight.
Event Category | Event Description | Agent ID | Event Type ID | Event ID |
BeyondInsight Application Audit | appaudit | |||
BeyondTrust Discovery Agent | Retina | |||
Clarity |
mlwr
|
|||
Endpoint Privilege Management for Mac & Windows |
Application Request Elevation Application Launched Custom Rule Applied Shell Rule Applied ActiveX - Control Rule Applied ActiveX - Application Request Elevation UAC Prompt Denied Rule Applied Passive Rule Applied Validate Policy Policy Applied
|
pbw, pbmac pbw, pbmac pbw, pbmac pbw, pbmac pbw, pbmac pbw, pbmac pbw, pbmac pbw, pbmac pbw, pbmac pbw, pbmac pbw, pbmac |
28691 28692 28693 28694 28695 28696 28697 28698 28699 28702 28703 |
PBW-EVENT-28691 PBW-EVENT-28692 PBW-EVENT-28693 PBW-EVENT-28694 PBW-EVENT-28695 PBW-EVENT-28696 PBW-EVENT-28697 PBW-EVENT-28698 PBW-EVENT-28699 PBW-EVENT-28702 PBW-EVENT-28703 |
Endpoint Privilege Management for Unix & Linux |
Accept Finish Keystroke Reject Register Update
|
pbul pbul pbul pbul pbul pbul
|
01 02 03 04 05 06
|
PBUL-EVENT-01 PBUL-EVENT-02 PBUL-EVENT-03 PBUL-EVENT-04 PBUL-EVENT-05 PBUL-EVENT-06
|
File Integrity Monitoring |
flm
|
|||
General Appliance Health | GenAppHealth | |||
Password Safe | pbps | |||
Endpoint Privilege Management Reporting |
Starts Logins Protection Processes |
pmr |
|
01 02 03 04 |
Endpoint Privilege Management Reporting is available only when the Endpoint Privilege Management Reporting plugin is installed and configured.