ABNORMAL_FILES
ACTINIUM_DOMAINS
ADMIN_GROUPS
ADMIN_SOURCES
ADMINS
ALERT_IRC_PORT
ALERT_OPEN_PORTS
ALERT_PRESENT_EMPLOYEES
ALERT_UNUSUAL_SOURCE
ALLOWED_PORTS
ATTACK_COMMANDS
BAD_RABBIT_FILE
BAD_RABBIT_HASH
BLACKLIST_IPS
BLACKLISTED_DOMAIN
BLACKLISTED_IP
BLACKLISTED_PORTS
BLOCKED_APPLICATION
CHROME_VPN_EXTENSIONS
CLOUD_APP
CLOUD_APPLICATION_IP
CLOUD_APPLICATIONS
CONCERNED_CONTENT
CRIMINAL_CONTENT
CRITICAL_FILE
CRITICAL_FILES
CRITICAL_FOLDER
DEFAULT_USERS
DOMAIN
DOPPELPAYMER_RANSOMWARE_CVE
DRAGONFLY_CNC_REQUEST
DYNAMIC_CATEGORIES
EDR_PROCESS
EXCLUDED_USERS
EXECUTABLES
EXISTING_USERS
EXTREMIST_CONTENT
GHOSTWRITER_IPS
HERMETIC_WIPER_DRIVER_HASHES
HIDDEN_COBRA_FILE
HIDDEN_COBRA_HASH
HIDDEN_COBRA_IP
HOME_DIR
HOME_DOMAIN
HOME_FOLDER
HOMENET
HTTP_ERROR
INACTIVE_USERS
INVISIMOLE_MALWARE_HASHES
KASPERSKY_DETECTED_MALWARE_HASHES
KASPERSKY_UPDATE_FAILURES
KNOWN_APPLICATIONS
KNOWN_DOMAINS
KNOWN_FILE
KNOWN_SERVER_HOST
LOCKERGOGA_FILES
MAGECART_DOMAINS
MAIL_SERVER_IP
MAIL_SERVERS
MALICIOUS_POWERSHELL_COMMANDLET_NAMES
MALICIOUS_TOOLS_IMPHASH
MALWARE_EMAILS
MALWARE_FILES
MALWARE_HASH
MALWARE_IP
MATRIX_FILE
MAZE_RANSOMWARE_DOMAINS
MAZE_RANSOMWARE_EMAILS
MOST_EXPLOITABLE_CVE
MOST_EXPLOITABLE_DOMAINS
MOST_EXPLOITABLE_EMAILS
MOST_EXPLOITABLE_HASHES
MOST_EXPLOITABLE_IPS
NEFILIM_RANSOMWARE_EMAILS
NEFILIM_RANSOMWARE_HASHES
NON_EXISTING_USERS
NON_PCI_COMPLIANT_PORT
POWERSPLOIT_RECON_MODULES
PRIVILEGED_USER
PROWLI_CVE
PROWLI_DOMAIN
PROWLI_EMAIL
PROWLI_FILE
PROWLI_HASH
SERVER_ADDRESS
SQL_INJECTION_CHARACTER
SQL_INJECTION_CHARACTERS
SUSPICIOUS_COUNTRY
SUSPICIOUS_DRIVER
UNAPPROVED_PORT
VULNERABLE_CONTENT
VULNERABLE_WORKSTATIONS
WANNACRY_DOMAIN
WANNACRY_EXTENSION
WEBSERVER_SYSTEMS
WINADMINS
WINDOWS_DC
XSS_TAG
YOUTUBE
For more details on Lists, go to the Lists section in the Logpoint Data Integration guide.