Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊
| Attribute | Value |
|---|---|
| Ingestion API Supported | ✓ Yes |
Source: Connector definition
| Column Name | Type | Description |
|---|---|---|
| Action | string | If the violation was Blocked or Monitored. |
| Application | string | The application of the request. |
| ApplicationCategoryName | string | The category of the requested web application. |
| ContentType | string | The mime type of the file that matches the data identifier. |
| DataClassification | string | The data classification whose data identifier matched on the violation. |
| DataIdentifier | string | The data identifier that matched on the request. |
| Destination | string | The domain of the request. |
| DestinationIp | string | The IP address of the destination. |
| DestinationPort | string | The port of the destination. |
| DestinationProtocol | string | The protocol of the destination. |
| EventType | string | The type of event that matched a data identifier. Real Time denotes a proxy-based DLP event triggered by a Real Time rule and SaaS API denotes a DLP event triggered by any of the SaaS API rules. |
| FileLabel | string | The file name label that matched on the file properties. |
| FileSize | string | The size of the file in bytes. |
| Identity | string | The source that triggered the violation. |
| Name | string | The name of the file. |
| OrganizationId | string | The Secure Access organization ID. |
| Owner | string | The owner of the file. |
| PrivateResourceGroupName | string | The private resource group name if the matched rule destination was a private resource group. |
| PrivateResourceName | string | The name of the private resource. |
| Rule | string | The DLP rule name. |
| Severity | string | The severity of the rule: Low/Info, Medium/Warn, High/Alert, or Critical. |
| Sha256Hash | string | The hex digest of the response content. |
| TimeGenerated | datetime | |
| Timestamp | string | The date and time of the DLP event, expressed as a UTC-formatted string. |
| TrafficDirection | string | Direction of traffic. (Applies only to some applications, such as OpenAI API and OpenAI ChatGPT.) |
| UniqueEventId | string | The unique identifier for the event. There can be multiple violation matches in one event. |
This table is used by the following solutions:
This table is ingested by the following connectors:
| Connector | Selection Criteria |
|---|---|
| Cisco Umbrella (via Codeless Connector Framework) | |
| Cisco Cloud Security | |
| Cisco Cloud Security (using elastic premium plan) |
GitHub Only:
In solution CiscoUmbrella:
In solution CiscoUmbrella:
| Workbook | Selection Criteria |
|---|---|
| CiscoUmbrella |
| Parser | Solution | Selection Criteria |
|---|---|---|
| Cisco_Umbrella | CiscoUmbrella |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊