Timestamp: '%Timestamp%'
Computer: '%Computer%'
Channel: '%Channel%'
Level: '%Level%'
EventID: '%EventID%'
MitreAttack: '%MitreAttack%'
RecordID: '%RecordID%'
RuleTitle: '%RuleTitle%'
Details: '%Details%'
RecordInformation: '%RecordInformation%'
RuleFile: '%RuleFile%'
EvtxFile: '%EvtxFile%'
Tags: '%MitreAttack%'