Access rules Description Rules that define who can view which log types and how far back a user can view data. They act as a second-level filter on top of the user’s roles. See also Access rules Create an access rule A Access rules Agent Agent-based log collection Agentless log collection Agent management Audit log Automatic enrollment B Bandwidth C CA (Certificate Authority) CEF (Common Event Format) Configuration Configuration template CSV (Comma-separated Values) Customer Customer portal D Deployment DNS (Domain Name System) E Endpoint security Enroll EPS (Events Per Second) ETW (Event Tracing for Windows) Event correlation F Failover G GELF (Graylog Extended Log Format) I ICMP (Internet Control Message Protocol) IDS (Intrusion Detection System) J JSON (JavaScript Object Notation) K Kernel log Kubernetes KVP (Key-Value Pair) L LEEF (Log Event Extended Format) Log centralization Log normalization Log parsing Log shipper Log source Log storage Log type M Metrics Multiline logs N NetFlow O Organization OTel (OpenTelemetry) P PCI-DSS (Payment Card Industry Data Security Standard) Podman Protocol R Relay S SIEM (Security Information and Event Management) SNMP (Simple Network Management Protocol) Structured logging Subscription Syslog T TCP (Transmission Control Protocol) Telemetry data Telemetry pipeline Tenant TLS (Transport Layer Security) Traces U UDP (User Datagram Protocol) User role W W3C Extended Log File Format WEC (Windows Event Collector) WEF (Windows Event Forwarding) Windows event ID WMI (Windows Management Instrumentation) X XPath
