Is there a list of index values for say Windows Security EventIDs?
So if I wanted to extract the process name from EventID 4625.
EXTRACT_TOKEN(Strings,18,'|') AS ProcessName
Just wondering if there was a list of values somewhere. That I can use in place of 18 in the code above. Thanks