├── Office365
    ├── FailedLogon.sql
    ├── FileSharingSet.sql
    ├── SuccesfulLogonNoLync.sql
    ├── SuccesfulLogonViaLync.sql
    ├── UserActions.sql
    ├── UserLoggedIn.sql
    └── UserPageViews.sql
└── sysmon
    ├── CreateRemoteThread.sql
    ├── DriverLoad.sql
    ├── FileCreate.sql
    ├── FileCreateStreamHash.sql
    ├── FileCreateTime.sql
    ├── ImageLoad.sql
    ├── NetConn.sql
    ├── ProcCreate.sql
    ├── ProcTerminate.sql
    ├── ProcessAccess.sql
    ├── RegEventCreateObject.sql
    ├── RegEventRename.sql
    ├── RegEventSetValue.sql
    └── SysmonServiceStateChange.sql


/Office365/FailedLogon.sql:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/nettitude/logparser/HEAD/Office365/FailedLogon.sql


--------------------------------------------------------------------------------
/Office365/FileSharingSet.sql:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/nettitude/logparser/HEAD/Office365/FileSharingSet.sql


--------------------------------------------------------------------------------
/Office365/SuccesfulLogonNoLync.sql:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/nettitude/logparser/HEAD/Office365/SuccesfulLogonNoLync.sql


--------------------------------------------------------------------------------
/Office365/SuccesfulLogonViaLync.sql:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/nettitude/logparser/HEAD/Office365/SuccesfulLogonViaLync.sql


--------------------------------------------------------------------------------
/Office365/UserActions.sql:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/nettitude/logparser/HEAD/Office365/UserActions.sql


--------------------------------------------------------------------------------
/Office365/UserLoggedIn.sql:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/nettitude/logparser/HEAD/Office365/UserLoggedIn.sql


--------------------------------------------------------------------------------
/Office365/UserPageViews.sql:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/nettitude/logparser/HEAD/Office365/UserPageViews.sql


--------------------------------------------------------------------------------
/sysmon/CreateRemoteThread.sql:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/nettitude/logparser/HEAD/sysmon/CreateRemoteThread.sql


--------------------------------------------------------------------------------
/sysmon/DriverLoad.sql:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/nettitude/logparser/HEAD/sysmon/DriverLoad.sql


--------------------------------------------------------------------------------
/sysmon/FileCreate.sql:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/nettitude/logparser/HEAD/sysmon/FileCreate.sql


--------------------------------------------------------------------------------
/sysmon/FileCreateStreamHash.sql:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/nettitude/logparser/HEAD/sysmon/FileCreateStreamHash.sql


--------------------------------------------------------------------------------
/sysmon/FileCreateTime.sql:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/nettitude/logparser/HEAD/sysmon/FileCreateTime.sql


--------------------------------------------------------------------------------
/sysmon/ImageLoad.sql:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/nettitude/logparser/HEAD/sysmon/ImageLoad.sql


--------------------------------------------------------------------------------
/sysmon/NetConn.sql:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/nettitude/logparser/HEAD/sysmon/NetConn.sql


--------------------------------------------------------------------------------
/sysmon/ProcCreate.sql:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/nettitude/logparser/HEAD/sysmon/ProcCreate.sql


--------------------------------------------------------------------------------
/sysmon/ProcTerminate.sql:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/nettitude/logparser/HEAD/sysmon/ProcTerminate.sql


--------------------------------------------------------------------------------
/sysmon/ProcessAccess.sql:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/nettitude/logparser/HEAD/sysmon/ProcessAccess.sql


--------------------------------------------------------------------------------
/sysmon/RegEventCreateObject.sql:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/nettitude/logparser/HEAD/sysmon/RegEventCreateObject.sql


--------------------------------------------------------------------------------
/sysmon/RegEventRename.sql:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/nettitude/logparser/HEAD/sysmon/RegEventRename.sql


--------------------------------------------------------------------------------
/sysmon/RegEventSetValue.sql:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/nettitude/logparser/HEAD/sysmon/RegEventSetValue.sql


--------------------------------------------------------------------------------
/sysmon/SysmonServiceStateChange.sql:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/nettitude/logparser/HEAD/sysmon/SysmonServiceStateChange.sql


--------------------------------------------------------------------------------