• firefox_addons

    • Coming Soon on
    Firefox addons from devices with that browser. If you do not have Firefox on any devices, like me, then you will not have any data; if someone could test, that would be great. Schema: creator string Addon-supported creator string description...
  • vulnerability_app_compatibility

    • Under Review on
    This detects a potential vulnerability in application compatibility mode being set: https://www.itnews.com.au/news/windows-compatibility-mode-resurfaces-old-flaws-473058 Schema analysis string JSON object representing the analysis ...
  • windows_event_dos_attack_detected

    • Under Review on
    windows_event_dos_attack_detected SCHEMA description string Plugin description text eventid int The Windows event ID provider_name string The Windows event provider source string The Windows event source ...
  • launchd_md5

    • Under Review on
    This collects the SHA256 and SHA1 hash of launchd processes on LINUX, and no, I do not know why the scheduled query has an MD5 in the name, seeing as we do not get the MD5 value. launchd launchd has two main tasks. The first is to boot the system, and...
  • user_events_linux

    • Under Review on
    Linux user events SCHEMA address string IPv4 address target audit_type int The file description for the process socket message string Message from the event path string Full path to the value pid long...
  • windows_event_successful_logon

    • Under Review on
    windows_event_successful_logon SCHEMA authentication_package string The name of the authentication package which was used for the logon description string Plugin description text event_timestamps string List of times...
  • pending_osx_updates_patch

    • Under Review on
    List pending updates/patches for Mac OS X SCHEMA package_id string Label packageIdentifiers recommended string recommended restart string restart size long Size of the update title string Title of the...
  • running_processes_windows_sophos

    • Under Review on
    Windows process history SCHEMA cmdline string Process command line file_size long File size now gid long Group ID (unsigned) of the user running the process global_rep int The machine learning global reputation...
  • threat_promisc_interfaces_linux

    • Under Review on
    Detect promiscuous interfaces on Linux https://en.wikipedia.org/wiki/Promiscuous_mode SCHEMA flags int Flags (netdevice) for the device interface string Interface name loopback long Loopback interface mac string...
  • vulnerability_weak_algorithms

    • Under Review on
    vulnerability_weak_algorithms SCHEMA data string Data content of registry value key string Name of the key mtime long time of the most recent registry write name string Name of the registry value entry ...