1
_time
3
Channel
5
Computer
7
CreationUtcTime
9
EventChannel
11
EventCode
13
EventData_Xml
15
EventDescription
17
EventID
19
EventRecordID
21
Guid
23
Image
25
Keywords
27
Level
29
Name
31
Opcode
33
ProcessGuid
35
ProcessID
37
ProcessId
39
RecordID
41
RuleName
43
SystemTime
45
System_Props_Xml
47
TargetFilename
49
Task
51
ThreadID
53
User
55
UserId
57
UtcTime
59
Version
61
action
63
date_hour
65
date_mday
67
date_minute
69
date_month
71
date_second
73
date_wday
75
date_year
77
date_zone
79
dest
81
eventtype
83
file_create_time
85
file_name
87
file_path
89
host
91
index
93
linecount
95
object_category
97
process_exec
99
process_guid
101
process_id
103
process_name
105
process_path
107
punct
109
signature
111
signature_id
113
source
115
sourcetype
117
splunk_server
119
tag
121
tag::eventtype
123
tag::object_category
125
timeendpos
127
timestartpos
129
user
131
vendor_product
133
not set