> ## Documentation Index
> Fetch the complete documentation index at: https://docs.levelblue.com/llms.txt
> Use this file to discover all available pages before exploring further.

# USM Anywhere Event Type Templates

|                       |               |                  |             |             |
| --------------------- | ------------- | ---------------- | ----------- | ----------- |
| **Role Availability** | **Read-Only** | **Investigator** | **Analyst** | **Manager** |

USM Anywhere includes a set of predefined templates based on the classification of <Tooltip tip="Any traffic or data exchange detected by LevelBlue products through a sensor or external devices such as a firewall.">event</Tooltip> data source types and based on data sources.

You can find these templates on **Reports > Event Type Templates**.

There are these types of templates:

* **Type of Data Source.** Event Type Templates enable you to easily run a general <Tooltip tip="Virtual or physical device designed to defend against unauthorized access to data, resources, or a private network. A firewall’s primary purpose is to create segregation between two or more network resources, blocking undesirable traffic between them.">firewall</Tooltip>, authentication, and other types of normalized queries that do not require you to build complex filters based on specific data source or event types. USM Anywhere supports these reports: Anomaly Detection, Antivirus, <Tooltip tip="A software program that performs some collection of tasks on a computer or some other programmable device.">Application</Tooltip>, Application Firewall, <Tooltip tip="Process used to verify the identity of a user, user device, or other entity, usually through a username and password.">Authentication</Tooltip>, Authentication and <Tooltip tip="Network protocol used to dynamically distribute network configuration parameters, such as IP addresses, for interfaces and services.">DHCP</Tooltip>, <Tooltip tip="The use of many computers connected over a network to run multiple programs or applications at the same time, instead of running them on a local device or network.">Cloud</Tooltip> Application, Cloud Infrastructure, DNS Server, Data Protection, Database, Endpoint Protection, Endpoint Security, Firewall, <Tooltip tip="Network device or program that monitors network traffic and logs and reports suspicious network activity indicative of an intrusion.">IDS</Tooltip>, Infrastructure <Tooltip tip="Process of collecting all device status and event information and processing normalized events for evidence of vulnerabilities, possible attacks, and other malicious activity.">Monitoring</Tooltip>, <Tooltip tip="Security system capability that attempts to detect actions that may compromise the confidentiality, integrity, or availability of a resource.">Intrusion Detection</Tooltip>, Intrusion Prevention, Load Balancer, Mail Security, Mail Server, Management Platform, Network Access Control, <Tooltip tip="Software that manages computer hardware resources and provides common services for computer programs. Examples include Microsoft Windows, Macintosh OS X, UNIX, and Linux.">Operating System</Tooltip>, Other Devices, Proxy, Router, Router/Switch, Server, Switch, Unified Threat Management, VPN, Web Server, Wireless Security/Management.
* **Data Sources.** You can find templates based on the most commonly used data sources including <Tooltip tip="Network Intrusion Dectection System (NIDS) monitors network traffic and events for suspicious or malicious activity using the sensors that provide management and network monitoring interfaces to networks and network devices.">NIDS</Tooltip>, <Tooltip tip="Network Intrusion Dectection System (NIDS) monitors network traffic and events for suspicious or malicious activity using the sensors that provide management and network monitoring interfaces to networks and network devices.">AWS</Tooltip>, Amazon DynamoDB, Amazon S3, AWS VPC Flow Logs, AWS Load Balancers, <Tooltip tip="Microsoft Azure is a cloud computing platform and infrastructure created by Microsoft for building, deploying, and managing applications and services through a global network of Microsoft-managed data centers.">Azure</Tooltip>, Cisco Umbrella, Cylance, FireEye, Fortigate, G Suite, McAfee ePO, Office 365, Okta, Palo Alto, SonicWall, Sophos UTM, Watchguard, VMware, Windows, LevelBlue Agent. There is also a template for the LevelBlue Generic Data Source.