name | \n", "
---|
android_metadata | \n", "
bookmarks | \n", "
sqlite_sequence | \n", "
history | \n", "
images | \n", "
searches | \n", "
settings | \n", "
thumbnails | \n", "
_sync_state | \n", "
_sync_state_metadata | \n", "
_id | \n", "title | \n", "url | \n", "created | \n", "date | \n", "visits | \n", "user_entered | \n", "
---|---|---|---|---|---|---|
1 | \n", "http://www.google.es/?gfe_rd=cr&dcr=0&ei=_OtlWu_eK5St8wespoTYBg | \n", "0 | \n", "1516628986890 | \n", "2 | \n", "0 | \n", "|
2 | \n", "mobile congress - Buscar con Google | \n", "http://www.google.es/search?dcr=0&source=hp&ei=_OtlWqfYOIH-UPnHrqAH&sjs=16383&q=mobile+congress&oq=mobile+congress&gs_l=mobile-gws-hp.3..0l5.9699.17759..20649.......143.1677.2j13............mobile-gws-wiz-hp.....0..0i131.9Koqktw5naA%3D | \n", "0 | \n", "1516629009457 | \n", "1 | \n", "0 | \n", "
3 | \n", "Home | Mobile World Congress | \n", "https://www.mobileworldcongress.com/ | \n", "0 | \n", "1516629026677 | \n", "3 | \n", "0 | \n", "
4 | \n", "https://www.google.es/webhp?source=android-home&gws_rd=cr&dcr=0&ei=LexlWsqTBMXvUOOsg6gF | \n", "0 | \n", "1516629037678 | \n", "2 | \n", "0 | \n", "|
5 | \n", "apk mirror - Buscar con Google | \n", "https://www.google.es/search?source=android-home&dcr=0&source=hp&ei=LexlWvvkIIzXUbDmn8gB&sjs=16383&q=apk+mirror&oq=apk+mirror&gs_l=mobile-gws-hp.3..0l5.4318.7753..7951.......136.1152.1j9............mobile-gws-wiz-hp.....0..0i131j0i10.GOGxmTJuhIg%3D | \n", "0 | \n", "1516629047435 | \n", "1 | \n", "0 | \n", "
6 | \n", "APKMirror - Free APK Downloads - Download Free Android APKs #APKPLZ | \n", "https://www.apkmirror.com/ | \n", "0 | \n", "1516629052435 | \n", "2 | \n", "0 | \n", "
7 | \n", "Amazon.com: Online Shopping for Electronics, Apparel, Computers, Books, DVDs & more | \n", "https://www.amazon.com/ | \n", "0 | \n", "1516629109159 | \n", "2 | \n", "0 | \n", "
8 | \n", "http://192.168.74.128/i6ADxOqMEyyI | \n", "http://192.168.74.128/i6ADxOqMEyyI | \n", "0 | \n", "1516629327266 | \n", "1 | \n", "0 | \n", "
9 | \n", "http://192.168.74.128/i6ADxOqMEyyI/EeMVfx/ | \n", "http://192.168.74.128/i6ADxOqMEyyI/EeMVfx/ | \n", "0 | \n", "1516629327667 | \n", "1 | \n", "0 | \n", "
10 | \n", "apks - Google Search | \n", "http://www.google.es/search?hl=en&source=android-browser-type&q=apks&gws_rd=cr&dcr=0&ei=dO1lWoSxGMjSUYrwkpgG | \n", "0 | \n", "1516629364685 | \n", "2 | \n", "0 | \n", "
\n", " | _id | \n", "title | \n", "url | \n", "created | \n", "date | \n", "visits | \n", "user_entered | \n", "
---|---|---|---|---|---|---|---|
0 | \n", "1 | \n", "http://www.google.es/?gfe_rd=cr&dcr=0&ei=_OtlW... | \n", "0 | \n", "1516628986890 | \n", "2 | \n", "0 | \n", "|
1 | \n", "2 | \n", "mobile congress - Buscar con Google | \n", "http://www.google.es/search?dcr=0&source=hp&ei... | \n", "0 | \n", "1516629009457 | \n", "1 | \n", "0 | \n", "
2 | \n", "3 | \n", "Home | Mobile World Congress | \n", "https://www.mobileworldcongress.com/ | \n", "0 | \n", "1516629026677 | \n", "3 | \n", "0 | \n", "
3 | \n", "4 | \n", "https://www.google.es/webhp?source=android-hom... | \n", "0 | \n", "1516629037678 | \n", "2 | \n", "0 | \n", "|
4 | \n", "5 | \n", "apk mirror - Buscar con Google | \n", "https://www.google.es/search?source=android-ho... | \n", "0 | \n", "1516629047435 | \n", "1 | \n", "0 | \n", "
5 | \n", "6 | \n", "APKMirror - Free APK Downloads - Download Free... | \n", "https://www.apkmirror.com/ | \n", "0 | \n", "1516629052435 | \n", "2 | \n", "0 | \n", "
6 | \n", "7 | \n", "Amazon.com: Online Shopping for Electronics, A... | \n", "https://www.amazon.com/ | \n", "0 | \n", "1516629109159 | \n", "2 | \n", "0 | \n", "
7 | \n", "8 | \n", "http://192.168.74.128/i6ADxOqMEyyI | \n", "http://192.168.74.128/i6ADxOqMEyyI | \n", "0 | \n", "1516629327266 | \n", "1 | \n", "0 | \n", "
8 | \n", "9 | \n", "http://192.168.74.128/i6ADxOqMEyyI/EeMVfx/ | \n", "http://192.168.74.128/i6ADxOqMEyyI/EeMVfx/ | \n", "0 | \n", "1516629327667 | \n", "1 | \n", "0 | \n", "
9 | \n", "10 | \n", "apks - Google Search | \n", "http://www.google.es/search?hl=en&source=andro... | \n", "0 | \n", "1516629364685 | \n", "2 | \n", "0 | \n", "
Parameters
Query
{table} \n", "| where TimeGenerated >= datetime({start}) \n", "| where TimeGenerated <= datetime({end}) \n", "| where Computer has \"{host_name}\" \n", "| take 1
Example
\n", "{QueryProvider}[.QueryPath].QueryName(params...)
\n", "qry_prov.Azure.get_vmcomputer_for_host(start=start, end=end, hostname=host)\n", " " ], "text/plain": [ "
\n", " | TenantId | \n", "TimeGenerated | \n", "FlowStartTime | \n", "FlowEndTime | \n", "FlowIntervalEndTime | \n", "FlowType | \n", "ResourceGroup | \n", "VMName | \n", "VMIPAddress | \n", "PublicIPs | \n", "... | \n", "DestPort | \n", "FlowDirection | \n", "AllowedOutFlows | \n", "AllowedInFlows | \n", "DeniedInFlows | \n", "DeniedOutFlows | \n", "RemoteRegion | \n", "VMRegion | \n", "AllExtIPs | \n", "TotalAllowedFlows | \n", "
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
0 | \n", "52b1ab41-869e-4138-9e40-2a4457f09bf0 | \n", "2019-02-14 13:23:59.512 | \n", "2019-02-14 12:21:58 | \n", "2019-02-14 12:21:58 | \n", "2019-02-14 13:00:00 | \n", "AzurePublic | \n", "asihuntomsworkspacerg | \n", "msticalertswin1 | \n", "10.0.3.5 | \n", "[13.67.143.117] | \n", "... | \n", "443.0 | \n", "O | \n", "1.0 | \n", "0.0 | \n", "0.0 | \n", "0.0 | \n", "centralus | \n", "eastus | \n", "13.67.143.117 | \n", "1.0 | \n", "
1 | \n", "52b1ab41-869e-4138-9e40-2a4457f09bf0 | \n", "2019-02-14 13:23:59.512 | \n", "2019-02-14 12:29:02 | \n", "2019-02-14 12:29:02 | \n", "2019-02-14 13:00:00 | \n", "AzurePublic | \n", "asihuntomsworkspacerg | \n", "msticalertswin1 | \n", "10.0.3.5 | \n", "[40.77.232.95] | \n", "... | \n", "443.0 | \n", "O | \n", "1.0 | \n", "0.0 | \n", "0.0 | \n", "0.0 | \n", "westcentralus | \n", "eastus | \n", "40.77.232.95 | \n", "1.0 | \n", "
2 | \n", "52b1ab41-869e-4138-9e40-2a4457f09bf0 | \n", "2019-02-14 03:26:06.765 | \n", "2019-02-14 02:08:46 | \n", "2019-02-14 02:48:45 | \n", "2019-02-14 03:00:00 | \n", "AzurePublic | \n", "asihuntomsworkspacerg | \n", "msticalertswin1 | \n", "10.0.3.5 | \n", "[13.65.107.32, 40.124.45.19] | \n", "... | \n", "443.0 | \n", "O | \n", "4.0 | \n", "0.0 | \n", "0.0 | \n", "0.0 | \n", "southcentralus | \n", "eastus | \n", "13.65.107.32 | \n", "4.0 | \n", "
3 | \n", "52b1ab41-869e-4138-9e40-2a4457f09bf0 | \n", "2019-02-14 03:26:06.765 | \n", "2019-02-14 02:08:46 | \n", "2019-02-14 02:48:45 | \n", "2019-02-14 03:00:00 | \n", "AzurePublic | \n", "asihuntomsworkspacerg | \n", "msticalertswin1 | \n", "10.0.3.5 | \n", "[13.65.107.32, 40.124.45.19] | \n", "... | \n", "443.0 | \n", "O | \n", "4.0 | \n", "0.0 | \n", "0.0 | \n", "0.0 | \n", "southcentralus | \n", "eastus | \n", "40.124.45.19 | \n", "4.0 | \n", "
4 | \n", "52b1ab41-869e-4138-9e40-2a4457f09bf0 | \n", "2019-02-14 03:26:06.828 | \n", "2019-02-14 02:30:56 | \n", "2019-02-14 02:30:56 | \n", "2019-02-14 03:00:00 | \n", "AzurePublic | \n", "asihuntomsworkspacerg | \n", "msticalertswin1 | \n", "10.0.3.5 | \n", "[20.38.98.100] | \n", "... | \n", "443.0 | \n", "O | \n", "1.0 | \n", "0.0 | \n", "0.0 | \n", "0.0 | \n", "eastus | \n", "eastus | \n", "20.38.98.100 | \n", "1.0 | \n", "
5 rows × 24 columns
\n", "\n", " | Keywords | \n", "SeverityValue | \n", "TargetObject | \n", "EventTypeOrignal | \n", "EventID | \n", "ProviderGuid | \n", "ExecutionProcessID | \n", "host | \n", "Channel | \n", "UserID | \n", "... | \n", "SourceIsIpv6 | \n", "DestinationPortName | \n", "DestinationHostname | \n", "Service | \n", "Details | \n", "ShareName | \n", "EnabledPrivilegeList | \n", "DisabledPrivilegeList | \n", "ShareLocalPath | \n", "RelativeTargetName | \n", "
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
0 | \n", "-9223372036854775808 | \n", "2 | \n", "HKU\\S-1-5-21-4228717743-1032521047-1810997296-... | \n", "INFO | \n", "12 | \n", "{5770385F-C22A-43E0-BF4C-06F5698FFBD9} | \n", "3172 | \n", "wec.internal.cloudapp.net | \n", "Microsoft-Windows-Sysmon/Operational | \n", "S-1-5-18 | \n", "... | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "
1 rows × 155 columns
\n", "\n", " | Keywords | \n", "SeverityValue | \n", "TargetObject | \n", "EventTypeOrignal | \n", "EventID | \n", "ProviderGuid | \n", "ExecutionProcessID | \n", "host | \n", "Channel | \n", "UserID | \n", "... | \n", "SourceIsIpv6 | \n", "DestinationPortName | \n", "DestinationHostname | \n", "Service | \n", "Details | \n", "ShareName | \n", "EnabledPrivilegeList | \n", "DisabledPrivilegeList | \n", "ShareLocalPath | \n", "RelativeTargetName | \n", "
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
0 | \n", "-9223372036854775808 | \n", "2 | \n", "HKU\\S-1-5-21-4228717743-1032521047-1810997296-... | \n", "INFO | \n", "12 | \n", "{5770385F-C22A-43E0-BF4C-06F5698FFBD9} | \n", "3172 | \n", "wec.internal.cloudapp.net | \n", "Microsoft-Windows-Sysmon/Operational | \n", "S-1-5-18 | \n", "... | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "
1 | \n", "0 | \n", "2 | \n", "NaN | \n", "NaN | \n", "4103 | \n", "{A0C1853B-5C40-4B15-8766-3CF1C58F985A} | \n", "7456 | \n", "wec.internal.cloudapp.net | \n", "Microsoft-Windows-PowerShell/Operational | \n", "S-1-5-21-4228717743-1032521047-1810997296-1104 | \n", "... | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "
2 | \n", "0 | \n", "2 | \n", "NaN | \n", "NaN | \n", "4103 | \n", "{A0C1853B-5C40-4B15-8766-3CF1C58F985A} | \n", "7456 | \n", "wec.internal.cloudapp.net | \n", "Microsoft-Windows-PowerShell/Operational | \n", "S-1-5-21-4228717743-1032521047-1810997296-1104 | \n", "... | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "
3 | \n", "-9214364837600034816 | \n", "2 | \n", "NaN | \n", "NaN | \n", "5158 | \n", "{54849625-5478-4994-A5BA-3E3B0328C30D} | \n", "4 | \n", "wec.internal.cloudapp.net | \n", "Security | \n", "NaN | \n", "... | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "
4 | \n", "-9214364837600034816 | \n", "2 | \n", "NaN | \n", "NaN | \n", "5156 | \n", "{54849625-5478-4994-A5BA-3E3B0328C30D} | \n", "4 | \n", "wec.internal.cloudapp.net | \n", "Security | \n", "NaN | \n", "... | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "
5 rows × 155 columns
\n", "\\n\"+\n \"BokehJS does not appear to have successfully loaded. If loading BokehJS from CDN, this \\n\"+\n \"may be due to a slow or bad network connection. Possible fixes:\\n\"+\n \"
\\n\"+\n \"\\n\"+\n \"from bokeh.resources import INLINE\\n\"+\n \"output_notebook(resources=INLINE)\\n\"+\n \"
\\n\"+\n \"\n", " | Message | \n", "EventID | \n", "SourceName | \n", "TimeCreated | \n", "Hostname | \n", "Task | \n", "Level | \n", "Keywords | \n", "Channel | \n", "ProviderGuid | \n", "... | \n", "ParentProcessGuid | \n", "LogonGuid | \n", "LogonId | \n", "Device | \n", "StartFunction | \n", "TargetProcessGuid | \n", "StartModule | \n", "SourceProcessGuid | \n", "StartAddress | \n", "NewThreadId | \n", "
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
0 | \n", "The audit log was cleared.\\r\\nSubject:\\r\\n\\tSe... | \n", "1102 | \n", "Microsoft-Windows-Eventlog | \n", "2020-10-21T09:40:38.926Z | \n", "WORKSTATION5 | \n", "104 | \n", "4 | \n", "0x4020000000000000 | \n", "Security | \n", "{fc65ddd8-d6ef-4962-83d5-6e5cfe9ce148} | \n", "... | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "
1 | \n", "The Windows Filtering Platform has permitted a... | \n", "5158 | \n", "Microsoft-Windows-Security-Auditing | \n", "2020-10-21T09:40:40.709Z | \n", "WORKSTATION5 | \n", "12810 | \n", "0 | \n", "0x8020000000000000 | \n", "Security | \n", "{54849625-5478-4994-a5ba-3e3b0328c30d} | \n", "... | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "
2 | \n", "The Windows Filtering Platform has permitted a... | \n", "5156 | \n", "Microsoft-Windows-Security-Auditing | \n", "2020-10-21T09:40:40.709Z | \n", "WORKSTATION5 | \n", "12810 | \n", "0 | \n", "0x8020000000000000 | \n", "Security | \n", "{54849625-5478-4994-a5ba-3e3b0328c30d} | \n", "... | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "
3 | \n", "An attempt was made to duplicate a handle to a... | \n", "4690 | \n", "Microsoft-Windows-Security-Auditing | \n", "2020-10-21T09:40:43.571Z | \n", "WORKSTATION5 | \n", "12807 | \n", "0 | \n", "0x8020000000000000 | \n", "Security | \n", "{54849625-5478-4994-a5ba-3e3b0328c30d} | \n", "... | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "
4 | \n", "The handle to an object was closed.\\r\\n\\r\\nSub... | \n", "4658 | \n", "Microsoft-Windows-Security-Auditing | \n", "2020-10-21T09:40:43.571Z | \n", "WORKSTATION5 | \n", "12801 | \n", "0 | \n", "0x8020000000000000 | \n", "Security | \n", "{54849625-5478-4994-a5ba-3e3b0328c30d} | \n", "... | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "
... | \n", "... | \n", "... | \n", "... | \n", "... | \n", "... | \n", "... | \n", "... | \n", "... | \n", "... | \n", "... | \n", "... | \n", "... | \n", "... | \n", "... | \n", "... | \n", "... | \n", "... | \n", "... | \n", "... | \n", "... | \n", "... | \n", "
504 | \n", "Process accessed:\\r\\nRuleName: -\\r\\nUtcTime: 2... | \n", "10 | \n", "Microsoft-Windows-Sysmon | \n", "2020-10-21T09:41:04.166Z | \n", "WORKSTATION5 | \n", "10 | \n", "4 | \n", "0x8000000000000000 | \n", "Microsoft-Windows-Sysmon/Operational | \n", "{5770385f-c22a-43e0-bf4c-06f5698ffbd9} | \n", "... | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "
505 | \n", "Process accessed:\\r\\nRuleName: -\\r\\nUtcTime: 2... | \n", "10 | \n", "Microsoft-Windows-Sysmon | \n", "2020-10-21T09:41:04.166Z | \n", "WORKSTATION5 | \n", "10 | \n", "4 | \n", "0x8000000000000000 | \n", "Microsoft-Windows-Sysmon/Operational | \n", "{5770385f-c22a-43e0-bf4c-06f5698ffbd9} | \n", "... | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "
506 | \n", "Process accessed:\\r\\nRuleName: -\\r\\nUtcTime: 2... | \n", "10 | \n", "Microsoft-Windows-Sysmon | \n", "2020-10-21T09:41:04.166Z | \n", "WORKSTATION5 | \n", "10 | \n", "4 | \n", "0x8000000000000000 | \n", "Microsoft-Windows-Sysmon/Operational | \n", "{5770385f-c22a-43e0-bf4c-06f5698ffbd9} | \n", "... | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "
507 | \n", "Process accessed:\\r\\nRuleName: -\\r\\nUtcTime: 2... | \n", "10 | \n", "Microsoft-Windows-Sysmon | \n", "2020-10-21T09:41:04.166Z | \n", "WORKSTATION5 | \n", "10 | \n", "4 | \n", "0x8000000000000000 | \n", "Microsoft-Windows-Sysmon/Operational | \n", "{5770385f-c22a-43e0-bf4c-06f5698ffbd9} | \n", "... | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "
508 | \n", "The System log file was cleared. | \n", "104 | \n", "Microsoft-Windows-Eventlog | \n", "2020-10-21T09:40:38.973Z | \n", "WORKSTATION5 | \n", "104 | \n", "4 | \n", "0x8000000000000000 | \n", "System | \n", "{fc65ddd8-d6ef-4962-83d5-6e5cfe9ce148} | \n", "... | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "
509 rows × 114 columns
\n", "\n", " | Message | \n", "EventID | \n", "SourceName | \n", "TimeCreated | \n", "Hostname | \n", "Task | \n", "Level | \n", "Keywords | \n", "Channel | \n", "ProviderGuid | \n", "... | \n", "ParentProcessGuid | \n", "LogonGuid | \n", "LogonId | \n", "Device | \n", "StartFunction | \n", "TargetProcessGuid | \n", "StartModule | \n", "SourceProcessGuid | \n", "StartAddress | \n", "NewThreadId | \n", "
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
0 | \n", "The audit log was cleared.\\r\\nSubject:\\r\\n\\tSe... | \n", "1102 | \n", "Microsoft-Windows-Eventlog | \n", "2020-10-21T09:40:38.926Z | \n", "WORKSTATION5 | \n", "104 | \n", "4 | \n", "0x4020000000000000 | \n", "Security | \n", "{fc65ddd8-d6ef-4962-83d5-6e5cfe9ce148} | \n", "... | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "
1 | \n", "The Windows Filtering Platform has permitted a... | \n", "5158 | \n", "Microsoft-Windows-Security-Auditing | \n", "2020-10-21T09:40:40.709Z | \n", "WORKSTATION5 | \n", "12810 | \n", "0 | \n", "0x8020000000000000 | \n", "Security | \n", "{54849625-5478-4994-a5ba-3e3b0328c30d} | \n", "... | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "
2 | \n", "The Windows Filtering Platform has permitted a... | \n", "5156 | \n", "Microsoft-Windows-Security-Auditing | \n", "2020-10-21T09:40:40.709Z | \n", "WORKSTATION5 | \n", "12810 | \n", "0 | \n", "0x8020000000000000 | \n", "Security | \n", "{54849625-5478-4994-a5ba-3e3b0328c30d} | \n", "... | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "NaN | \n", "
3 rows × 114 columns
\n", "