Forensics Keyword List

This section covers forensics keyword information.

WTMP Log Data
WTMP data will contain the data for current and past logged-in users, reported typically under /var/log/wtmp. The WTMP file will reveal current and past logg...
Wed, 26 Jul, 2023 at 5:41 PM
BTMP Log Data
BTMP data will contain the data for bad login attempts under /var/run/btmp. The BTMP file will reveal invalid login attempts and where they originated. ...
Wed, 26 Jul, 2023 at 5:00 PM
Kernel Module Data
The Kernel Module data contains all attributes about a Linux kernel module that was flagged by Sandfly Security or a user-defined sandfly for whatever reaso...
Wed, 26 Jul, 2023 at 4:59 PM
Systemd Data
The Systemd data contains all attributes about a systemd unit or user session that were flagged by Sandfly Security or a user-defined sandfly for whatever r...
Wed, 26 Jul, 2023 at 4:57 PM
Cron Job Data
The data here will contain cron job information on the host if it was flagged by Sandfly Security or by a user. The formatting reflects standard Linux cron ...
Wed, 26 Jul, 2023 at 4:55 PM
At Job Data
These fields are for "at" jobs scheduled on the remote system and flagged by Sandfly Security or by a user. They are formatted for easier parsing from ...
Wed, 26 Jul, 2023 at 4:54 PM