Nginx Core Dump
May 8, 2023 · attack.impact attack.t1499.004
Detects a core dump of a crashing Nginx worker process, which could be a signal of a serious problem or exploitation attempts.
Apache Segmentation Fault
Apr 19, 2023 · attack.impact attack.t1499.004
Detects a segmentation fault error message caused by a crashing Apache worker process.
Audit CVE Event
Detects events generated by user-mode applications when they call the CveEventWrite API because an attempt to exploit a known vulnerability was observed. Microsoft started using this log in Jan. 2020 with CVE-2020-0601 (a Windows CryptoAPI vulnerability). Unfortunately, that is about the only instance of CVEs being written to this log.