# Artifact Collection Parameters

This page is designed for managing Windows Event Log, Windows Sysmon, Windows File Analysis, Threat Detection, Reported E-Mail Searches, and Content Search Rules.

* **Windows Event Log Rules**: This section displays Windows event log rules. The users can create, edit, and delete the rules according to their requirements.

<figure><img src="https://1723175359-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-LuHp6M9xm4Gdg2pWusc%2Fuploads%2FVIU36Osa8QAVtLQAsytD%2Fimage.png?alt=media&#x26;token=f0b587b3-a75b-41cb-8bcc-6a12760d7fb5" alt=""><figcaption></figcaption></figure>

* **Windows Sysmon Rules**: This section displays Windows Sysmon rules. The users can create, edit, and delete the rules according to their requirements.

<figure><img src="https://1723175359-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-LuHp6M9xm4Gdg2pWusc%2Fuploads%2FowQWuYxYp6T5h5PM5DMz%2Fimage.png?alt=media&#x26;token=56dff716-0e9e-4604-8d03-8b77990bc7c6" alt=""><figcaption></figcaption></figure>

* **Windows File Analysis**: This section displays Windows file analysis rules. The users can create, edit, and delete the analysis rules according to their requirements.

<figure><img src="https://1723175359-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-LuHp6M9xm4Gdg2pWusc%2Fuploads%2FfnV1QBd7BFWnrkW2CqaN%2Fimage.png?alt=media&#x26;token=a150e1a0-b178-40a4-9a48-9a597fb4d097" alt=""><figcaption></figcaption></figure>

* **Threat Detection Rules**: This section displays the SIGMA rules used for Thor analysis. The users can create, edit, and delete the rules according to their requirements.

<figure><img src="https://1723175359-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-LuHp6M9xm4Gdg2pWusc%2Fuploads%2FXLtzKvhe9XYFVk5cGmKX%2Fimage.png?alt=media&#x26;token=e86304b9-aab0-444d-addf-857118dce8f2" alt=""><figcaption></figcaption></figure>

* **Reported E-Mail Searches (Deprecated)**: This section displays reported e-mail searches. If the users report an e-mail, the analysis state can be seen from this section.
* **Content Search Rules**: This section is designed for content searching with agents, Teams, or Outlook add-ins. The users can create, edit, and delete rules according to their requirements.

<figure><img src="https://1723175359-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-LuHp6M9xm4Gdg2pWusc%2Fuploads%2FceZqhyv5WIDWFaIy4Yvm%2Fimage.png?alt=media&#x26;token=addced17-433a-4b61-ad19-d039c5aa7ef2" alt=""><figcaption></figcaption></figure>

* **Windows Threat Monitor Rules**: This section allows users to manage the Windows threat monitor rules. The users can edit, clone, or create a new rule for specific requirements of their own.

<figure><img src="https://1723175359-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-LuHp6M9xm4Gdg2pWusc%2Fuploads%2FzJSsRCya1HfeRqKJ8Ezw%2Fimage.png?alt=media&#x26;token=529794df-15a0-4741-969b-4cee58c122fb" alt=""><figcaption></figcaption></figure>

* **OSQuery Rules**: This section allows users to manage the OSQuery rules for Linux and macOS. The users can edit, clone, or create a new rule for specific requirements of their own.

<figure><img src="https://1723175359-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-LuHp6M9xm4Gdg2pWusc%2Fuploads%2FDN4fIQFbPldsfE50hbqn%2Fimage.png?alt=media&#x26;token=304f6e0b-d7dc-4d8a-9161-710233cd6fd1" alt=""><figcaption></figcaption></figure>

* **Windows Object and Honeypot Monitor Rules**: This section allows users to manage the Windows object and honeypot monitor rules. The users can edit, clone, or create a new rule for specific requirements of their own.

<figure><img src="https://1723175359-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-LuHp6M9xm4Gdg2pWusc%2Fuploads%2FANmEYAhvxaJU8wEDB91Y%2Fimage.png?alt=media&#x26;token=0b37dfef-6571-4981-b05f-057b24bd0598" alt=""><figcaption></figcaption></figure>

* **NMAP Script Scan Results**: This section allows users to edit NMAP scripts for network scanning. The users can edit, clone, or create a new rule for specific requirements of their own.

<figure><img src="https://1723175359-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-LuHp6M9xm4Gdg2pWusc%2Fuploads%2FfHCVlBUfvwLHIg9UjMOS%2Fimage.png?alt=media&#x26;token=8fed6631-92d3-4a5f-b743-ca513a0daa5b" alt=""><figcaption></figcaption></figure>

* **Agentless Windows Collection Rules**: This section allows users to manage the agentless collection rules. The users can edit, clone, or create a new rule for specific requirements of their own.
* **Agentless Linux Collection Rules**: This section allows users to manage the agentless collection rules. The users can edit, clone, or create a new rule for specific requirements of their own.
* **Windows Security Software Settings**: This section allows users to manage security software detection parameters. The users can edit, clone, or create new settings for specific requirements of their own.

<figure><img src="https://1723175359-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-LuHp6M9xm4Gdg2pWusc%2Fuploads%2F8bx3IfLNkm8e9IVcuz6A%2Fimage.png?alt=media&#x26;token=4030b8d5-53d5-40b8-b8ed-7badf3a21fc7" alt=""><figcaption></figcaption></figure>

* **Linux/macOS Security Software Settings**: This section allows users to manage security software detection parameters. The users can edit, clone, or create new settings for specific requirements of their own.


