Skip to content

Latest commit

 

History

History
34 lines (27 loc) · 1.07 KB

MATCH-S00133.md

File metadata and controls

34 lines (27 loc) · 1.07 KB
Raw

Rules: G Suite - Admin Activity

Description

The admin activity report returns information on the Admin console activities of all of your account's administrators.

Additional Details

Detail Value
Type Templated Match
Category Unknown/Other
Apply Risk to Entities user_username
Signal Name G Suite - Admin Activity - {{description}} - {{action}}
Summary Expression User: {{user_username}} performed action: {{action}}
Score/Severity Static: 1
Enabled by Default True
Prototype False
Tags _mitreAttackTactic:TA0001, _mitreAttackTactic:TA0003, _mitreAttackTactic:TA0004, _mitreAttackTactic:TA0005, _mitreAttackTechnique:T1078, _mitreAttackTechnique:T1078.004

Vendors and Products

Fields Used

Origin Field
Normalized Schema action
Normalized Schema description
Normalized Schema listMatches
Normalized Schema metadata_deviceEventId
Normalized Schema metadata_product
Normalized Schema metadata_vendor
Normalized Schema user_username