Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
| Attribute | Value |
|---|---|
| Ingestion API Supported | ✓ Yes |
Source: KQL validation test schema
| Column Name | Type |
|---|---|
| _ResourceId | string |
| alert_name | string |
| alert_type_id | string |
| assets | string |
| Category | string |
| Computer | string |
| content | string |
| date | string |
| id | string |
| lang | string |
| langcode | string |
| ManagementGroupName | string |
| MG | string |
| portal_url | string |
| RawData | string |
| read | bool |
| Severity | int |
| SourceSystem | string |
| status_name | string |
| sub_alerts | string |
| sub_alertsize | real |
| TenantId | string |
| threat_actor | string |
| threat_level | string |
| threatource | string |
| threats | string |
| TimeGenerated | datetime |
| title | string |
| Type | string |
| user_id | string |
This table is used by the following solutions:
This table is ingested by the following connectors:
| Connector | Selection Criteria |
|---|---|
| Cybersixgill Actionable Alerts |
In solution Cybersixgill-Actionable-Alerts:
| Hunting Query | Selection Criteria |
|---|---|
| Cybersixgill Actionable alerts |
In solution Cybersixgill-Actionable-Alerts:
| Workbook | Selection Criteria |
|---|---|
| ActionableAlertsDashboard | |
| ActionableAlertsList |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊