GitHub - trendmicro/tm-v1-schema: Welcome to the official Git repository for Trend Vision One log schema documentation. This repository provides essential log schema details and data mapping information for Trend Vision One users.
0
TELEMETRY_NONE
1
TELEMETRY_PROCESS_OPEN
2
TELEMETRY_PROCESS_CREATE
3
TELEMETRY_PROCESS_TERMINATE
4
TELEMETRY_PROCESS_LOAD_IMAGE
5
TELEMETRY_PROCESS_EXECUTE
6
TELEMETRY_PROCESS_CONNECT
7
TELEMETRY_PROCESS_TRACME
8
TELEMETRY_PROCESS_LOAD_KERNEL_IMAGE
101
TELEMETRY_FILE_CREATE
102
TELEMETRY_FILE_OPEN
103
TELEMETRY_FILE_DELETE
104
TELEMETRY_FILE_SET_SECURITY
105
TELEMETRY_FILE_COPY
106
TELEMETRY_FILE_MOVE
107
TELEMETRY_FILE_CLOSE
108
TELEMETRY_FILE_MODIFY_TIMESTAMP
109
TELEMETRY_FILE_MODIFY
110
TELEMETRY_FILE_SET_ATTRIBUTES
111
TELEMETRY_FILE_ENUMERATE
112
TELEMETRY_FILE_SET_EXTENDED_ATTRIBUTE
113
TELEMETRY_FILE_DELETE_EXTENDED_ATTRIBUTE
201
TELEMETRY_CONNECTION_CONNECT
202
TELEMETRY_CONNECTION_LISTEN
203
TELEMETRY_CONNECTION_CONNECT_INBOUND
204
TELEMETRY_CONNECTION_CONNECT_OUTBOUND
301
TELEMETRY_DNS_QUERY
401
TELEMETRY_REGISTRY_CREATE
402
TELEMETRY_REGISTRY_SET
403
TELEMETRY_REGISTRY_DELETE
404
TELEMETRY_REGISTRY_RENAME
405
TELEMETRY_REGISTRY_ENUMERATE
406
TELEMETRY_REGISTRY_ENUMERATEVALUE
407
TELEMETRY_REGISTRY_QUERYVALUE
408
TELEMETRY_REGISTRY_SAVE
501
TELEMETRY_ACCOUNT_ADD
502
TELEMETRY_ACCOUNT_DELETE
503
TELEMETRY_ACCOUNT_IMPERSONATE
504
TELEMETRY_ACCOUNT_MODIFY
505
TELEMETRY_ACCOUNT_LOGIN
506
TELEMETRY_ACCOUNT_LOGOUT
601
TELEMETRY_INTERNET_OPEN
602
TELEMETRY_INTERNET_CONNECT
603
TELEMETRY_INTERNET_DOWNLOAD
701
TELEMETRY_MODIFIED_PROCESS_CREATE_REMOTETHREAD
702
TELEMETRY_MODIFIED_PROCESS_WRITE_MEMORY
703
TELEMETRY_MODIFIED_PROCESS_WRITE_PROCESS
704
TELEMETRY_MODIFIED_PROCESS_READ_PROCESS
705
TELEMETRY_MODIFIED_PROCESS_WRITE_PROCESS_NAME
801
TELEMETRY_WINDOWS_HOOK_SET
901
TELEMETRY_AMSI_EXECUTE
1001
TELEMETRY_MEMORY_MODIFY
1002
TELEMETRY_MEMORY_MODIFY_PERMISSION
1003
TELEMETRY_MEMORY_READ
1101
TELEMETRY_BM_INVOKE
1102
TELEMETRY_BM_INVOKE_API
1201
TELEMETRY_APP_START
1202
TELEMETRY_APP_STOP
1203
TELEMETRY_APP_INSTALL
1204
TELEMETRY_APP_UNINSTALL
1205
TELEMETRY_APP_BEHAVIOR
1301
TELEMETRY_SYSTEM_EVENT_ENABLE
1302
TELEMETRY_SYSTEM_EVENT_DISABLE
1303
TELEMETRY_SYSTEM_CERTIFICATION_INSTALL
1304
TELEMETRY_SYSTEM_DEVICE_ROOTED
1401
TELEMETRY_PIPE_CREATE
1402
TELEMETRY_PIPE_CONNECT
1601
TELEMETRY_MAC_SYS_LOG_COLLECT
1701
TELEMETRY_DDR_FILE_COPY
1702
TELEMETRY_DDR_FILE_MOVE
1703
TELEMETRY_DDR_FILE_RENAME
1704
TELEMETRY_DDR_FILE_MODIFY
1705
TELEMETRY_DDR_FILE_DELETE
1706
TELEMETRY_DDR_FILE_UNZIP
1707
TELEMETRY_DDR_FILE_ZIP
1708
TELEMETRY_DDR_FILE_UPLOAD
1709
TELEMETRY_DDR_FILE_DOWNLOAD
1710
TELEMETRY_DDR_FILE_PRINT
10101
TELEMETRY_ASSOCIATION_PROCESS_IMAGE_FILE
10102
TELEMETRY_ASSOCIATION_AUTO_RUN_KEY_FULL_PATH
10103
TELEMETRY_ASSOCIATION_HOST_PROC_CMD_FULL_PATH
10104
TELEMETRY_ASSOCIATION_SERVICE_DLL
10105
TELEMETRY_ASSOCIATION_ARCHIVE_FILE
10106
TELEMETRY_ASSOCIATION_BROWSER_PROCESS