Microsoft Audit Log Type Reference Generator

Data SourceAuditLogRecordType

Microsoft documentation URL

📄 Upload HTML File

Extracted Data 0 entries

Value (RecordType)	Member name	Description

Usage tips:

Splunk: place CSV in $SPLUNK_HOME/etc/system/lookups (or app directory), configure transforms.conf and props.conf to lookup by RecordType.
Elastic: use mapping JSON in an index template and import the CSV via an ingest pipeline / enrich processor.
Logstash: drop the filter snippet into your pipeline to translate RecordType → human-readable audit_log_type.