appevent.log,Application Event,logip,loghost,loguser,logdate,logtime,line
sysevent.log,System Event,logip,loghost,loguser,logdate,logtime,line
secevent.log,Security Event,logip,loghost,loguser,logdate,logtime,line
alert.ids,Snort,line
snortlite.log,SnortLite,logip,loghost,loguser,logdate,logtime,label,classification,date,time,priority,source,destination,protocol,reference
services.log,Running Services,logip,loghost,loguser,logdate,logtime,message,display,name,state,account,servfilename,startup
shares.log,Open Shares,logip,loghost,loguser,logdate,logtime,message,share,usergroup,rights,path,remark
startup.log,Startup config,logip,loghost,loguser,logdate,logtime,message,location,item
adsscan.log,ADS Scanner,logip,loghost,loguser,logdate,logtime,ads,size
integrity.log,Integrity checker,logip,loghost,loguser,logdate,logtime,message
user.log,Rogue Users,logip,loghost,loguser,logdate,logtime,message,username,script,fullname
processes.log,Running Processes,logip,loghost,loguser,logdate,logtime,message,exename,exepath,username
task.log,Scheduled Tasks,logip,loghost,loguser,logdate,logtime,message,jobid,schdays,schtime,command,flags
*.clg,ComLog,logip,loghost,loguser,logdate,logtime,line
ZAlog.txt,ZoneAlarm,logip,loghost,loguser,logdate,logtime,type,date,time,source,dest,transport
antivirus.log,Antivirus,logip,loghost,loguser,logdate,logtime,date,time,message,username,infectedfile,virusname
* Note that filters for appevent.log, sysevent.log and secevent.log are valid only for LogIDS Pro. Also note that snortlite.log is obtained from LogAgent 5.0 Pro monitoring Snort's alert.ids file.