diff --git a/CHANGELOG.md b/CHANGELOG.md index 176ed78e5..67cad5180 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -94,6 +94,23 @@ Thankyou! --> 7. Added `Device Config Sate Change` event class. #914 8. Added `Scan Activity` event class. #915 9. Added `File Hosting Activity` event class. #917 + 10. Added `File Query` event class. #967 + 11. Added `Folder Query` event class. #967 + 12. Added `Group Query` event class. #967 + 13. Added `Job Query` event class. #967 + 14. Added `Kernel Object Query` event class. #967 + 15. Added `Module Query` event class. #967 + 16. Added `Network Connection Query` event class. #967 + 17. Added `Networks Query` event class. #967 + 18. Added `Peripheral Device Query` event class. #967 + 19. Added `Prefetch Query` event class. #967 + 20. Added `Process Query` event class. #967 + 21. Added `Registry Key Query` event class. #967 + 22. Added `Registry Value Query` event class. #967 + 23. Added `Service Query` event class. #967 + 24. Added `Session Query` event class. #967 + 25. Added `Startup Application Query` event class. #967 + 26. Added `User Query` event class. #967 * #### Profiles 1. Added `Network Proxy` Profile for the `Network Activity` and `Application Activity` classes. #705 diff --git a/dictionary.json b/dictionary.json index c63dcc579..a3d56011d 100644 --- a/dictionary.json +++ b/dictionary.json 
@@ -3152,6 +3152,43 @@
 "description": "The query info object holds information related to data access within a datastore. To access, manipulate, delete, or retrieve data from a datastore, a database query must be written using a specific syntax.",
 "type": "query_info"
 },
+ "query_result": {
+ "caption": "Query Result",
+ "description": "The result of the query.",
+ "type": "string_t"
+ },
+ "query_result_id": {
+ "caption": "Query Result ID",
+ "description": "The normalized identifier of the query result.",
+ "enum": {
+ "1": {
+ "caption": "Exists",
+ "description": "The target was found."
+ },
+ "2": {
+ "caption": "Partial",
+ "description": "The target was partially found."
+ },
+ "3": {
+ "caption": "Does not exist",
+ "description": "The target was not found."
+ },
+ "4": {
+ "caption": "Error",
+ "description": "The discovery attempt failed."
+ },
+ "5": {
+ "caption": "Unsupported",
+ "description": "Discovery of the target was not supported."
+ },
+ "99": {
+ "caption": "Other",
+ "description": "The query result is not mapped. See the query_result attribute, which contains a data source specific value."
+ }
+ },
+ "type": "integer_t",
+ "sibling": "query_result"
+ },
 "query_string": {
 "caption": "HTTP Query String",
 "description": "The query portion of the URL. For example: the query portion of the URL http://www.example.com/search?q=bad&sort=date is q=bad&sort=date.",
diff --git a/events/discovery/discovery_result.json b/events/discovery/discovery_result.json
index 03df83d6a..98290c382 100644
--- a/events/discovery/discovery_result.json
+++ b/events/discovery/discovery_result.json
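Review bot: `query_result_id` is declared with values 1–5 and 99 but no `0`/`Unknown` entry, whereas `state_id` in events/discovery/network_connection_query.json in this same commit starts its enum at `"0": { "caption": "Unknown" }`; since discovery_result.json marks `query_result_id` as required, a producer that cannot determine the outcome has no honest value and is pushed toward `4` (Error) or `99` (Other). Consider adding `"0": { "caption": "Unknown", "description": "The query result is unknown." }` to the enum. The `query_result` description, `The result of the query.`, also omits the sibling convention that the `state` attribute in that file spells out; suggest `"description": "The result of the query, normalized to the caption of the query_result_id value. In the case of 'Other', it is defined by the event source."`.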
@@ -14,26 +14,23 @@
 "activity_id": {
 "enum": {
 "1": {
- "caption": "Exists",
- "description": "The target was found."
- },
- "2": {
- "caption": "Partial",
- "description": "The target was partially found."
- },
- "3": {
- "caption": "Does not exist",
- "description": "The target was not found."
- },
- "4": {
- "caption": "Error",
- "description": "The discovery attempt failed."
- },
- "5": {
- "caption": "Unsupported",
- "description": "Discovery of the target was not supported."
+ "caption": "Query",
+ "description": "The discovered results are via a query request."
 }
 }
+ },
+ "query_info": {
+ "description": "The search details associated with the query request.",
+ "group": "primary",
+ "requirement": "recommended"
+ },
+ "query_result": {
+ "group": "primary",
+ "requirement": "recommended"
+ },
+ "query_result_id": {
+ "group": "primary",
+ "requirement": "required"
 }
 }
 }
\ No newline at end of file
diff --git a/events/discovery/file_info.json b/events/discovery/file_query.json
similarity index 58%
rename from events/discovery/file_info.json
rename to events/discovery/file_query.json
index 3bcb0953a..84bdbd84b 100644
--- a/events/discovery/file_info.json
+++ b/events/discovery/file_query.json
@@ -1,8 +1,8 @@
 {
- "caption": "File Info",
- "description": "File Info events report information about files that are present on the system.",
+ "caption": "File Query",
+ "description": "File Query events report information about files that are present on the system.",
 "extends": "discovery_result",
- "name": "file_info",
+ "name": "file_query",
 "uid": 7,
 "attributes": {
 "file": {
diff --git a/events/discovery/folder_info.json b/events/discovery/folder_query.json
similarity index 57%
rename from events/discovery/folder_info.json
rename to events/discovery/folder_query.json
index f609b007e..686465711 100644
--- a/events/discovery/folder_info.json
+++ b/events/discovery/folder_query.json
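Review bot: The `activity_id` enum now keeps only `1` (Query), and the removed values 1–5 (Exists, Partial, Does not exist, Error, Unsupported) reappear with identical captions and descriptions as `query_result_id` 1–5 in dictionary.json, but nothing in the hunk tells an existing producer that its old activity value moves to `query_result_id` and `activity_id` becomes 1. Suggest saying so in the new value's description, e.g. `"description": "The discovered results are via a query request. The outcome of the query is carried in query_result_id."`. The class header and any inherited `0`/`99` activity values are outside the hunk, so whether `Unknown`/`Other` remain valid activities cannot be confirmed from here.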
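Review bot: The `name` change from `file_info` to `file_query` renames the class identifier while `uid` 7 is kept, so consumers keyed on `uid` are unaffected but anything keyed on `name` is not, yet the CHANGELOG hunk in this commit lists the `*Query` classes under "Added" with no mention that they replace the existing `*Info` classes. The same applies to folder_query, admin_group_query, job_query, kernel_object_query, module_query, network_connection_query, networks_query, process_query, service_query, prefetch_query, registry_key_query, registry_value_query and the delete/create pairs for peripheral_device, session, user and startup_app. Two CHANGELOG entries also disagree with the captions: item 12 says `Group Query` where the caption is `Admin Group Query`, and item 24 says `Session Query` where the caption is `User Session Query`.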
@@ -1,8 +1,8 @@
 {
- "caption": "Folder Info",
- "description": "Folder Info events report information about folders that are present on the system.",
+ "caption": "Folder Query",
+ "description": "Folder Query events report information about folders that are present on the system.",
 "extends": "discovery_result",
- "name": "folder_info",
+ "name": "folder_query",
 "uid": 8,
 "attributes": {
 "folder": {
diff --git a/events/discovery/group_info.json b/events/discovery/group_query.json
similarity index 69%
rename from events/discovery/group_info.json
rename to events/discovery/group_query.json
index 845db252d..ee4f750ae 100644
--- a/events/discovery/group_info.json
+++ b/events/discovery/group_query.json
@@ -1,8 +1,8 @@
 {
- "caption": "Admin Group Info",
- "description": "Group Info events report information about administrative groups.",
+ "caption": "Admin Group Query",
+ "description": "Admin Group Query events report information about administrative groups.",
 "extends": "discovery_result",
- "name": "admin_group_info",
+ "name": "admin_group_query",
 "uid": 9,
 "attributes": {
 "group": {
diff --git a/events/discovery/job_info.json b/events/discovery/job_query.json
similarity index 53%
rename from events/discovery/job_info.json
rename to events/discovery/job_query.json
index 20dd0910b..f036e3759 100644
--- a/events/discovery/job_info.json
+++ b/events/discovery/job_query.json
@@ -1,8 +1,8 @@
 {
- "caption": "Job Info",
- "description": "Job Info events report information about scheduled jobs.",
+ "caption": "Job Query",
+ "description": "Job Query events report information about scheduled jobs.",
 "extends": "discovery_result",
- "name": "job_info",
+ "name": "job_query",
 "uid": 10,
 "attributes": {
 "job": {
diff --git a/events/discovery/kernel_object_info.json b/events/discovery/kernel_object_query.json
similarity index 56%
rename from events/discovery/kernel_object_info.json
rename to events/discovery/kernel_object_query.json
index 8e0b68ab5..ea38f6ac9 100644
--- a/events/discovery/kernel_object_info.json
+++ b/events/discovery/kernel_object_query.json
@@ -1,8 +1,8 @@
 {
- "description": "Kernel Object Info events report information about discovered kernel resources.",
+ "caption": "Kernel Object Query",
+ "description": "Kernel Object Query events report information about discovered kernel resources.",
 "extends": "discovery_result",
- "caption": "Kernel Object Info",
- "name": "kernel_object_info",
+ "name": "kernel_object_query",
 "uid": 6,
 "attributes": {
 "kernel": {
diff --git a/events/discovery/module_info.json b/events/discovery/module_query.json
similarity index 68%
rename from events/discovery/module_info.json
rename to events/discovery/module_query.json
index ae3ab401a..a8832bd80 100644
--- a/events/discovery/module_info.json
+++ b/events/discovery/module_query.json
@@ -1,8 +1,8 @@
 {
- "caption": "Module Info",
- "description": "Module Info events report information about loaded modules.",
+ "caption": "Module Query",
+ "description": "Module Query events report information about loaded modules.",
 "extends": "discovery_result",
- "name": "module_info",
+ "name": "module_query",
 "uid": 11,
 "attributes": {
 "module": {
diff --git a/events/discovery/network_connection_info.json b/events/discovery/network_connection_query.json
similarity index 92%
rename from events/discovery/network_connection_info.json
rename to events/discovery/network_connection_query.json
index 234162c20..e923c0fa2 100644
--- a/events/discovery/network_connection_info.json
+++ b/events/discovery/network_connection_query.json
@@ -1,8 +1,8 @@
 {
- "caption": "Network Connection Info",
- "description": "Network Connection Info events report information about active network connections.",
+ "caption": "Network Connection Query",
+ "description": "Network Connection Query events report information about active network connections.",
 "extends": "discovery_result",
- "name": "network_connection_info",
+ "name": "network_connection_query",
 "uid": 12,
 "attributes": {
 "connection_info": {
@@ -17,11 +17,12 @@
 "state": {
 "description": "The state of the socket, normalized to the caption of the state_id value. In the case of 'Other', it is defined by the event source.",
 "requirement": "recommended",
- "group": "primary"
+ "group":"primary"
 },
 "state_id": {
 "description": "The state of the socket.",
 "requirement": "required",
+ "group": "primary",
 "enum": {
 "0": {
 "caption": "Unknown",
@@ -71,8 +72,7 @@
 "caption": "CLOSING",
 "description": "The socket connection has been closed by the local application and the remote peer simultaneously, and the remote peer has not yet acknowledged the close attempt of the local application."
 }
- },
- "group": "primary"
+ }
 }
 }
 }
\ No newline at end of file
diff --git a/events/discovery/networks_info.json b/events/discovery/networks_query.json
similarity index 53%
rename from events/discovery/networks_info.json
rename to events/discovery/networks_query.json
index 36edd998c..11e81b3ea 100644
--- a/events/discovery/networks_info.json
+++ b/events/discovery/networks_query.json
@@ -1,8 +1,8 @@
 {
- "caption": "Networks Info",
- "description": "Networks Info events report information about network adapters.",
+ "caption": "Networks Query",
+ "description": "Networks Query events report information about network adapters.",
 "extends": "discovery_result",
- "name": "networks_info",
+ "name": "networks_query",
 "uid": 13,
 "attributes": {
 "network_interfaces": {
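Review bot: The replacement line in the `state` attribute of network_connection_query.json, `+ "group":"primary"`, drops the space after the colon that every other key/value pair in this file and in the rest of the commit has, so the only change to `state` in the `@@ -17,11 +17,12 @@` hunk is to make its formatting inconsistent; write it as `"group": "primary"`. Moving `"group": "primary"` on `state_id` from after its enum to before it is fine, but the `state` edit next to it looks accidental. The `state_id` enum continues outside these hunks.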
diff --git a/events/discovery/peripheral_device_info.json b/events/discovery/peripheral_device_info.json
deleted file mode 100644
index e715c38de..000000000
--- a/events/discovery/peripheral_device_info.json
+++ /dev/null
@@ -1,13 +0,0 @@
-{
- "caption": "Peripheral Device Info",
- "description": "Peripheral Device Info events report information about peripheral devices.",
- "extends": "discovery_result",
- "name": "peripheral_device_info",
- "uid": 14,
- "attributes": {
- "peripheral_device": {
- "group": "primary",
- "requirement": "required"
- }
- }
-}
\ No newline at end of file
diff --git a/events/discovery/peripheral_device_query.json b/events/discovery/peripheral_device_query.json
new file mode 100644
index 000000000..1ed901fa8
--- /dev/null
+++ b/events/discovery/peripheral_device_query.json
@@ -0,0 +1,13 @@
+{
+ "caption": "Peripheral Device Query",
+ "description": "Peripheral Device Query events report information about peripheral devices.",
+ "extends": "discovery_result",
+ "name": "peripheral_device_query",
+ "uid": 14,
+ "attributes": {
+ "peripheral_device": {
+ "group": "primary",
+ "requirement": "required"
+ }
+ }
+}
\ No newline at end of file
diff --git a/events/discovery/process_info.json b/events/discovery/process_query.json
similarity index 51%
rename from events/discovery/process_info.json
rename to events/discovery/process_query.json
index aadd6884f..cfae5c88d 100644
--- a/events/discovery/process_info.json
+++ b/events/discovery/process_query.json
@@ -1,8 +1,8 @@
 {
- "caption": "Process Info",
- "description": "Process Info events report information about running processes.",
+ "caption": "Process Query",
+ "description": "Process Query events report information about running processes.",
 "extends": "discovery_result",
- "name": "process_info",
+ "name": "process_query",
 "uid": 15,
 "attributes": {
 "process": {
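Review bot: The new file events/discovery/peripheral_device_query.json is created without a trailing newline (`\ No newline at end of file`), as are session_query.json, user_query.json and extensions/macos/events/startup_app_query.json added later in this commit; a trailing newline is the usual convention for versioned files and keeps a future diff from touching the last line. Apart from the three renamed strings this file is identical to the deleted peripheral_device_info.json, so it could presumably have been committed as a rename like the other classes, which would keep the file history; this looks like an artefact of how the files were moved rather than an intended difference.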
diff --git a/events/discovery/service_info.json b/events/discovery/service_query.json
similarity index 51%
rename from events/discovery/service_info.json
rename to events/discovery/service_query.json
index aec0d9269..825d95906 100644
--- a/events/discovery/service_info.json
+++ b/events/discovery/service_query.json
@@ -1,8 +1,8 @@
 {
- "caption": "Service Info",
- "description": "Service Info events report information about running services.",
+ "caption": "Service Query",
+ "description": "Service Query events report information about running services.",
 "extends": "discovery_result",
- "name": "service_info",
+ "name": "service_query",
 "uid": 16,
 "attributes": {
 "service": {
diff --git a/events/discovery/session_info.json b/events/discovery/session_info.json
deleted file mode 100644
index 985212663..000000000
--- a/events/discovery/session_info.json
+++ /dev/null
@@ -1,13 +0,0 @@
-{
- "caption": "User Session Info",
- "description": "User Session Info events report information about existing user sessions.",
- "extends": "discovery_result",
- "name": "session_info",
- "uid": 17,
- "attributes": {
- "session": {
- "requirement": "required",
- "group": "primary"
- }
- }
-}
\ No newline at end of file
diff --git a/events/discovery/session_query.json b/events/discovery/session_query.json
new file mode 100644
index 000000000..0eb3d330d
--- /dev/null
+++ b/events/discovery/session_query.json
@@ -0,0 +1,13 @@
+{
+ "caption": "User Session Query",
+ "description": "User Session Query events report information about existing user sessions.",
+ "extends": "discovery_result",
+ "name": "session_query",
+ "uid": 17,
+ "attributes": {
+ "session": {
+ "requirement": "required",
+ "group": "primary"
+ }
+ }
+}
\ No newline at end of file
diff --git a/events/discovery/user_info.json b/events/discovery/user_info.json
deleted file mode 100644
index b4a5ced4a..000000000
--- a/events/discovery/user_info.json
+++ /dev/null
@@ -1,13 +0,0 @@
-{
- "caption": "User Info",
- "description": "User Info events report user data that have been discovered, queried, polled or searched. This event differs from User Inventory as it describes the result of a targeted search by filtering a subset of user attributes.",
- "extends": "discovery_result",
- "name": "user_info",
- "uid": 18,
- "attributes": {
- "user": {
- "group": "primary",
- "requirement": "required"
- }
- }
-}
\ No newline at end of file
diff --git a/events/discovery/user_query.json b/events/discovery/user_query.json
new file mode 100644
index 000000000..9f3f3cce8
--- /dev/null
+++ b/events/discovery/user_query.json
@@ -0,0 +1,13 @@
+{
+ "caption": "User Query",
+ "description": "User Query events report user data that have been discovered, queried, polled or searched. This event differs from User Inventory as it describes the result of a targeted search by filtering a subset of user attributes.",
+ "extends": "discovery_result",
+ "name": "user_query",
+ "uid": 18,
+ "attributes": {
+ "user": {
+ "group": "primary",
+ "requirement": "required"
+ }
+ }
+}
\ No newline at end of file
diff --git a/extensions/macos/events/startup_app_info.json b/extensions/macos/events/startup_app_info.json
deleted file mode 100644
index 5ac6ef8ee..000000000
--- a/extensions/macos/events/startup_app_info.json
+++ /dev/null
@@ -1,13 +0,0 @@
-{
- "caption": "Startup Application Info",
- "description": "Startup Application Info events report information about startup applications.",
- "extends": "discovery_result",
- "name": "startup_app_info",
- "uid": 19,
- "attributes": {
- "startup_app": {
- "group": "primary",
- "requirement": "required"
- }
- }
-}
\ No newline at end of file
diff --git a/extensions/macos/events/startup_app_query.json b/extensions/macos/events/startup_app_query.json
new file mode 100644
index 000000000..14d4f8229
--- /dev/null
+++ b/extensions/macos/events/startup_app_query.json
@@ -0,0 +1,13 @@
+{
+ "caption": "Startup Application Query",
+ "description": "Startup Application Query events report information about startup applications.",
+ "extends": "discovery_result",
+ "name": "startup_app_query",
+ "uid": 19,
+ "attributes": {
+ "startup_app": {
+ "group": "primary",
+ "requirement": "required"
+ }
+ }
+}
\ No newline at end of file
diff --git a/extensions/windows/events/prefetch_info.json b/extensions/windows/events/prefetch_query.json
similarity index 75%
rename from extensions/windows/events/prefetch_info.json
rename to extensions/windows/events/prefetch_query.json
index b38b8235d..28995e779 100644
--- a/extensions/windows/events/prefetch_info.json
+++ b/extensions/windows/events/prefetch_query.json
@@ -1,8 +1,8 @@
 {
- "caption": "Prefetch Info",
- "description": "Prefetch Info events report information about Windows prefetch files.",
+ "caption": "Prefetch Query",
+ "description": "Prefetch Query events report information about Windows prefetch files.",
 "extends": "discovery_result",
- "name": "prefetch_info",
+ "name": "prefetch_query",
 "uid": 19,
 "attributes": {
 "last_run_time": {
diff --git a/extensions/windows/events/registry_key_info.json b/extensions/windows/events/registry_key_query.json
similarity index 56%
rename from extensions/windows/events/registry_key_info.json
rename to extensions/windows/events/registry_key_query.json
index 38c383970..b73bcc1cc 100644
--- a/extensions/windows/events/registry_key_info.json
+++ b/extensions/windows/events/registry_key_query.json
@@ -1,8 +1,8 @@
 {
- "caption": "Registry Key Info",
- "description": "Registry Key Info events report information about discovered Windows registry keys.",
+ "caption": "Registry Key Query",
+ "description": "Registry Key Query events report information about discovered Windows registry keys.",
 "extends": "discovery_result",
- "name": "registry_key_info",
+ "name": "registry_key_query",
 "uid": 4,
 "attributes": {
 "reg_key": {
diff --git a/extensions/windows/events/registry_value_info.json b/extensions/windows/events/registry_value_query.json
similarity index 55%
rename from extensions/windows/events/registry_value_info.json
rename to extensions/windows/events/registry_value_query.json
index 7459dbdd4..f194ed92b 100644
--- a/extensions/windows/events/registry_value_info.json
+++ b/extensions/windows/events/registry_value_query.json
@@ -1,8 +1,8 @@
 {
- "caption": "Registry Value Info",
- "description": "Registry Value Info events report information about discovered Windows registry values.",
+ "caption": "Registry Value Query",
+ "description": "Registry Value Query events report information about discovered Windows registry values.",
 "extends": "discovery_result",
- "name": "registry_value_info",
+ "name": "registry_value_query",
 "uid": 5,
 "attributes": {
 "reg_value": {