D3SOARIncidents_CL

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊

↑ Back to Tables Index

---

Attribute	Value
Ingestion API Supported	✓ Yes

Contents

• Schema
• Solutions
• Connectors
• Content Items

Schema (23 columns)

Source: Connector definition

Column Name	Type
DateCreated	datetime
DateModified	datetime
EventRawData	dynamic
IncidentConclusion	string
IncidentCreator	string
IncidentDescription	string
IncidentDisposition	string
IncidentNumber	string
IncidentOwner	string
IncidentPlaybook	string
IncidentPriority	string
IncidentRawData	dynamic
IncidentSeverity	string
IncidentStage	string
IncidentStatus	string
IncidentTags	string
IncidentTimezone	string
IncidentTitle	string
IncidentType	string
InvestigationTeam	string
LinkedIncidents	dynamic
RawRecord	dynamic
TimeGenerated	datetime

Solutions (1)

This table is used by the following solutions:

• D3SmartSOAR

Connectors (1)

This table is ingested by the following connectors:

Connector	Selection Criteria
D3 Smart SOAR Incidents

---

Content Items Using This Table (1)

Analytic Rules (1)

In solution D3SmartSOAR:

Analytic Rule	Selection Criteria
D3 Smart SOAR - High or critical severity incident detected

---

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊

↑ Back to Tables Index