File_created_by_user_Carbon Black_CB Defense

Alert

File created by user (FILE_CREATE)

SK4 unified event:
Connector/Service

Carbon Black/CB Defense

SK4 Version:

2.3.180

Created Date:

Sun Mar 17 2019 13:15:53 GMT+0000 (Coordinated Universal Time)

Last Update:

Tue Jun 18 2019 11:11:23 GMT+0000 (Coordinated Universal Time)

Category

Security Alert

Description

A new file has been created on a device.

Search query

cef_vendor="skyformation" cef_name="security-threat-detected" destinationServiceName="Carbon Black" fileType="file" act="create"

Parsed CEF
Unparsed raw data

Expand to see an example...

Audit sources