</div>
Data Source: Sysmon EventID 14
Description
Data source object for Sysmon EventID 14
Details
| Property | Value |
|---|---|
| Source | XmlWinEventLog:Microsoft-Windows-Sysmon/Operational |
| Sourcetype | XmlWinEventLog |
| Separator | EventID |
Supported Apps
- Splunk Add-on for Sysmon (version 5.0.0)
Event Fields
Fields
Source: GitHub | Version: 2