CrowdStrike_Secondary_Data_CL

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊

Back to Tables Index

Attribute Value
Category Crowdstrike
Ingestion API Supported ✓ Yes

Contents

Schema (61 columns)

Source: Connector definition

Column Name Type Description
AdditionalFields dynamic
AgentLoadFlags string
AgentLocalTime string
AgentTimeOffset string
AgentVersion string
aid string
aip string
BiosManufacturer string
BiosVersion string
Category string
ChassisType string
cid string
City string
CompanyName string
ComputerName string
ConfigBuild string
ConfigIDBuild string
Continent string
Country string
CurrentLocalIP string
detectionCount string
discoverer_aid string
discoverer_devicetype string
discovererCount string
event_platform string
externalIP string
FalconGroupingTags string
FileName string
FileVersion string
FirstDiscoveredDate string
FirstSeen string
FolderName string
GatewayIP string
GatewayMAC string
HostHiddenStatus string
hostname string
installationTimestamp string
InterfaceAlias string
InterfaceDescription string
LastDiscoveredBy string
LocalAddressIP4 string
localipCount string
MAC string
MachineDomain string
MACPrefix string
OU string
PointerSize string
ProductName string
ProductType string
ProductVersion string
SensorGroupingTags string
ServicePackMajor string
SHA256HashData string
SiteName string
SoftwareType string
subnet string
SystemManufacturer string
SystemProductName string
TimeGenerated datetime The timestamp (UTC) reflecting the time in which the event was generated.
Timezone string
Version string

Solutions (1)

This table is used by the following solutions:

Connectors (2)

This table is ingested by the following connectors:

Connector Selection Criteria
CrowdStrike Falcon Data Replicator (AWS S3) (via Codeless Connector Framework)
[DEPRECATED] CrowdStrike Falcon Data Replicator (CrowdStrike Managed AWS-S3) (using Azure Function)

Parsers Using This Table (1)

Other Parsers (1)

Parser Solution Selection Criteria
CrowdStrikeReplicatorV2 CrowdStrike Falcon Endpoint Protection

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊

Back to Tables Index