Source - The source of an event is the name of the file, stream, or other input from which the event originates.
1) Which are the sources of the event? Simulate me some real situations.
Sourcetype - The source type of an event is the format of the data input from which it originates, like, for Windows, .evt files from Event Viewer.
1) Which are the source types of the event? The same question.
I cannot understand what applies to source and what applies to sourcetype.
I would be glad if somebody gave examples. Or what should I read to better understand logs? I understand that there are just different logs. Some are responsible for one thing, others for another.