WTMP data will contain the data for current and past logged in users reported typically under /var/log/wtmp. The WTMP file will reveal current and past logg...

BTMP data will contain the data for bad login attempts under /var/run/btmp. The BTMP file will reveal invalid login attempts and where they originated. ...

The data here will contain cron job information on the host if it was flagged by Sandfly Security or by a user. The formatting reflects standard Linux cron ...

These fields are for "at" job scheduled on the remote system flagged by Sandfly Security or by a user. They are formatted for easier parsing from ...