Abstract: A computer-implemented method may be used for security event monitoring. The method may include receiving data from a first operating system and defining an audit classes data filter for collection by a security event monitoring application. Additionally, the method may include comparing the data with the audit classes data filter and comparing the data with a set of blacklisted values. Additionally, the method may include outputting a common structure format data based on the comparison of the processing data with the audit classes data filter and the blacklisted values.