Event Type - Event Log Entry
Description
An event log entry was detected that met a condition
Parameters
| Parameter Name | Type | Default Value | Allowed Values | Description |
|---|---|---|---|---|
| Event Log | String | System | Enter the event log name. E.g. 'Application', 'System', 'Security', 'Microsoft-Windows-Windows Defender/Operational' | |
| Event Sources | String | Enter the event source names, one per line. If entered, only events that match these event source names will be included. Wildcards are allowed. E.g. SecurityCenter, Outlook, Out* | ||
| Levels | Mask | Critical, Error | Critical, Error, Warning, Informational, Verbose, Log Always | Enter the event levels. Only events matching these levels will be included. |
| Event IDs | String | Enter the event ID ranges, one per line. If entered only events that match these event IDs will be included. E.g. 56, 100, 100-105, 2100-3000, etc... | ||
| Include Matching Content Only | String | Enter any content that must exist in the description, one phrase per line. If entered only events that have content that match these phrases will be included. | ||
| Exclude Matching Content | String | Enter any content that must not exist in the description, one phrase per line. If entered events that have content that match these phrases will be excluded. |