Skip to main content
Skip table of contents

User and Entity Behavior Analytics – Lists

The following table contains the lists that are included in the UEBA module. All of these lists can be configured in the LogRhythm environment.

List ID

List Name


Attack Lifecycle: Exfil, Corruption, Disruption


Attack Lifecycle: Target Attainment


Attack Lifecycle: Lateral Movement


Attack Lifecycle: Command and Control


Attack Lifecycle: Initial Compromise


Attack Lifecycle: Recon and Planning


Network: Whitelisted Processes


Vulnerability Scanners


Network: Blacklisted Countries


Privileged Groups


Privileged Users


CloudAI: Monitored Identities


CloudAI: Ignore for 24 Hours


Privileged Users


Executive Users


Watched Users


Location Watch List

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.