Technical Note: ZoneFox 4.0 - What is an Event

FAQ

Events are things which occur on your network.  ZoneFox captures event information from endpoints; these could be;

• Network events such as file upload or download activities, or
• System events such as those which occur in the Windows directory, or
• User events such as user log in or a file read in Excel.

Each ZoneFox event from an endpoint contains the following elements for the event:

• User - The user account carrying out the activity

• Machine - The machine (endpoint) the activity took place on

• Activity  - The activity type (e.g. user log in/off, machine on/off, File created/read/written/moved/deleted/renamed, database record updated, etc.)

• Application/Process - the application used to carry out the activity e.g. Explorer.exe, Winword.exe, etc.

• Resource - This is typically a path, filename, and file type involved in the activity, except for SQL Server agent events which shall specify the database and database element acted on. 

• For network events only: Network destination and origin, including port number used for the transfer