本文為英文版的機器翻譯版本,如內容有任何歧義或不一致之處,概以英文版為準。 # 資料來源支援的第三方來源 下表列出透過管道擷取時,CloudWatch Logs 自動分類為資料來源的第三方來源: | 資料來源名稱 (@data\$1source\$1name 欄位) | 資料來源類型 (@data\$1source\$1type 欄位) | | --- | --- | | crowdstrike\$1falcon | detection\$1finding | | crowdstrike\$1falcon | process\$1activity | | github\$1auditlogs | account\$1change | | github\$1auditlogs | api\$1activity | | github\$1auditlogs | entity\$1management | | microsoft\$1entraid | account\$1change | | microsoft\$1entraid | authentication | | microsoft\$1entraid | entity\$1management | | microsoft\$1entraid | user\$1access\$1management | | microsoft\$1office365 | account\$1change | | microsoft\$1office365 | application\$1lifecycle | | microsoft\$1office365 | authentication | | microsoft\$1office365 | compliance\$1finding | | microsoft\$1office365 | detection\$1finding | | microsoft\$1office365 | email\$1activity | | microsoft\$1office365 | file\$1hosting\$1activity | | microsoft\$1office365 | group\$1management | | microsoft\$1office365 | incident\$1finding | | microsoft\$1office365 | user\$1access\$1management | | microsoft\$1office365 | vulnerability\$1finding | | microsoft\$1office365 | web\$1resources\$1activity | | microsoft\$1windows | account\$1change | | microsoft\$1windows | authentication | | microsoft\$1windows | entity\$1management | | microsoft\$1windows | event\$1log\$1activity | | microsoft\$1windows | file\$1system\$1activity | | microsoft\$1windows | group\$1management | | microsoft\$1windows | kernel\$1activity | | okta\$1auth0 | api\$1activity | | okta\$1auth0 | authentication | | okta\$1sso | api\$1activity | | okta\$1sso | authentication | | okta\$1sso | detection\$1finding | | okta\$1sso | entity\$1management | | paloaltonetworks\$1nextgenerationfirewall | authentication | | paloaltonetworks\$1nextgenerationfirewall | detection\$1finding | | paloaltonetworks\$1nextgenerationfirewall | network\$1activity | | paloaltonetworks\$1nextgenerationfirewall | process\$1activity | | sentinelone\$1endpointsecurity | dns\$1activity | | sentinelone\$1endpointsecurity | file\$1system\$1activity | | sentinelone\$1endpointsecurity | http\$1activity | | sentinelone\$1endpointsecurity | process\$1activity | | servicenow\$1cmdb | api\$1activity | | servicenow\$1cmdb | datastore\$1activity | | servicenow\$1cmdb | entity\$1management | | wiz\$1cnapp | api\$1activity | | wiz\$1cnapp | authentication | | wiz\$1cnapp | compliance\$1finding | | wiz\$1cnapp | detection\$1finding | | wiz\$1cnapp | vulnerability\$1finding | | zscaler\$1internetaccess | authentication | | zscaler\$1internetaccess | dns\$1activity | | zscaler\$1internetaccess | http\$1activity | | zscaler\$1internetaccess | network\$1activity |