Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊
Reference for CrowdStrikeVulnerabilities table in Azure Monitor Logs.
| Attribute | Value |
|---|---|
| Category | Crowdstrike |
| Basic Logs Eligible | ✓ Yes (source) |
| Supports Transformations | ✓ Yes (source) |
| Ingestion API Supported | ✓ Yes |
| Azure Monitor Tables Reference | View Documentation |
| Azure Monitor Logs Ingestion API | View Documentation |
Source: Azure Monitor documentation
| Column Name | Type | Description |
|---|---|---|
| _BilledSize | real | The record size in bytes |
| _IsBillable | string | Specifies whether ingesting the data is billable. When _IsBillable is false ingestion isn't billed to your Azure account |
| Aid | string | Agent ID of the system where vulnerability was detected. |
| App | dynamic | Detailed information about the affected application. |
| Apps | dynamic | List of affected applications. |
| Cid | string | Customer ID in the CrowdStrike platform. |
| Confidence | string | Confidence level of the vulnerability detection. |
| CreatedTimestamp | datetime | Timestamp when the vulnerability was first detected. |
| Cve | dynamic | Common Vulnerabilities and Exposures (CVE) information. |
| DataProviders | dynamic | List of data providers that reported this vulnerability. |
| HostInfo | dynamic | Information about the affected host system. |
| Id | string | Unique identifier for the vulnerability record. |
| Remediation | dynamic | Remediation steps or recommendations for the vulnerability. |
| SourceSystem | string | The type of agent the event was collected by. For example, OpsManager for Windows agent, either direct connect or Operations Manager, Linux for all Linux agents, or Azure for Azure Diagnostics |
| Status | string | Current status of the vulnerability. |
| SuppressionInfo | dynamic | Information about vulnerability suppression if applied. |
| TenantId | string | The Log Analytics workspace ID |
| TimeGenerated | datetime | The timestamp (UTC) when the event was ingested. |
| Type | string | The name of the table |
| UpdatedTimestamp | datetime | Timestamp when the vulnerability record was last updated. |
| VulnerabilityId | string | Unique identifier for the specific vulnerability. |
This table is used by the following solutions:
This table is ingested by the following connectors:
| Connector | Selection Criteria |
|---|---|
| CrowdStrike API Data Connector (via Codeless Connector Framework) |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊