本文属于机器翻译版本。若本译文内容与英语原文存在差异,则一律以英文原文为准。 # 数据源支持的第三方来源 下表列出了通过管道摄取时被 Log CloudWatch s 自动归类为数据源的第三方来源: | 数据源名称(@data\$1source\$1name 字段) | 数据源类型(@data\$1source\$1type 字段) | | --- | --- | | crowdstrike\$1falcon | detection\$1finding | | crowdstrike\$1falcon | process\$1activity | | github\$1auditlogs | account\$1change | | github\$1auditlogs | api\$1activity | | github\$1auditlogs | entity\$1management | | microsoft\$1entraid | account\$1change | | microsoft\$1entraid | authentication | | microsoft\$1entraid | entity\$1management | | microsoft\$1entraid | user\$1access\$1management | | microsoft\$1office365 | account\$1change | | microsoft\$1office365 | application\$1lifecycle | | microsoft\$1office365 | authentication | | microsoft\$1office365 | compliance\$1finding | | microsoft\$1office365 | detection\$1finding | | microsoft\$1office365 | email\$1activity | | microsoft\$1office365 | file\$1hosting\$1activity | | microsoft\$1office365 | group\$1management | | microsoft\$1office365 | incident\$1finding | | microsoft\$1office365 | user\$1access\$1management | | microsoft\$1office365 | vulnerability\$1finding | | microsoft\$1office365 | web\$1resources\$1activity | | microsoft\$1windows | account\$1change | | microsoft\$1windows | authentication | | microsoft\$1windows | entity\$1management | | microsoft\$1windows | event\$1log\$1activity | | microsoft\$1windows | file\$1system\$1activity | | microsoft\$1windows | group\$1management | | microsoft\$1windows | kernel\$1activity | | okta\$1auth0 | api\$1activity | | okta\$1auth0 | authentication | | okta\$1sso | api\$1activity | | okta\$1sso | authentication | | okta\$1sso | detection\$1finding | | okta\$1sso | entity\$1management | | paloaltonetworks\$1nextgenerationfirewall | authentication | | paloaltonetworks\$1nextgenerationfirewall | detection\$1finding | | paloaltonetworks\$1nextgenerationfirewall | network\$1activity | | paloaltonetworks\$1nextgenerationfirewall | process\$1activity | | sentinelone\$1endpointsecurity | dns\$1activity | | sentinelone\$1endpointsecurity | file\$1system\$1activity | | sentinelone\$1endpointsecurity | http\$1activity | | sentinelone\$1endpointsecurity | process\$1activity | | servicenow\$1cmdb | api\$1activity | | servicenow\$1cmdb | datastore\$1activity | | servicenow\$1cmdb | entity\$1management | | wiz\$1cnapp | api\$1activity | | wiz\$1cnapp | authentication | | wiz\$1cnapp | compliance\$1finding | | wiz\$1cnapp | detection\$1finding | | wiz\$1cnapp | vulnerability\$1finding | | zscaler\$1internetaccess | authentication | | zscaler\$1internetaccess | dns\$1activity | | zscaler\$1internetaccess | http\$1activity | | zscaler\$1internetaccess | network\$1activity |