| Attribute | Value |
|---|---|
| Ingestion API Supported | ✓ Yes |
Source: KQL validation test schema
| Column Name | Type |
|---|---|
| alert_object_uid | string |
| Alert_title | string |
| alert_uid | string |
| asset_comments | string |
| categories | dynamic |
| category | string |
| country | string |
| country_code | string |
| first_seen | datetime |
| ip | string |
| ip_version | int |
| is_third_party | bool |
| isp | string |
| last_seen | datetime |
| last_users_reported | datetime |
| notes | dynamic |
| reports | dynamic |
| risk_score | int |
| safe_flag_comments | string |
| safe_flag_marked_by | string |
| safe_flag_marked_date | string |
| severity | string |
| status | string |
| sub_category | string |
| sub_domain | string |
| threat_actors | dynamic |
| TimeGenerated | datetime |
| top_domain | string |
| uid | string |
| usage_type | string |
| use_cases | string |
This table is used by the following solutions:
This table is ingested by the following connectors:
| Connector | Selection Criteria |
|---|---|
| CYFIRMA Attack Surface | |
In solution Cyfirma Attack Surface:
| Analytic Rule | Selection Criteria |
|---|---|
| CYFIRMA - Attack Surface - Malicious Domain/IP Reputation High Rule | |
| CYFIRMA - Attack Surface - Malicious Domain/IP Reputation Medium Rule | |