Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
| Attribute | Value |
|---|---|
| Ingestion API Supported | ✓ Yes |
Source: KQL validation test schema
| Column Name | Type |
|---|---|
| _ResourceId | string |
| api_client_id | string |
| Computer | string |
| entity_type | string |
| event_action | string |
| event_data | dynamic |
| event_object | string |
| event_timestamp | datetime |
| id | real |
| ManagementGroupName | string |
| message | string |
| MG | string |
| RawData | string |
| result_status | string |
| source_ip | string |
| SourceSystem | string |
| TenantId | string |
| TimeGenerated | datetime |
| Type | string |
| user_id | real |
| user_role | string |
| user_type | string |
| username | string |
| version | string |
This table is used by the following solutions:
This table is ingested by the following connectors:
| Connector | Selection Criteria |
|---|---|
| Vectra XDR |
In solution Vectra XDR:
| Workbook | Selection Criteria |
|---|---|
| VectraXDR |
| Parser | Schema | Product | Selection Criteria |
|---|---|---|---|
| ASimAuditEventVectraXDRAudit | AuditEvent | Vectra | |
| ASimAuthenticationVectraXDRAudit | Authentication | Vectra |
| Parser | Solution | Selection Criteria |
|---|---|---|
| VectraAudits | Vectra XDR |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊