Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
| Attribute | Value |
|---|---|
| Ingestion API Supported | ✓ Yes |
Source: KQL validation test schema
| Column Name | Type |
|---|---|
| _ResourceId | string |
| category | string |
| certainty | real |
| Computer | string |
| d_detection_details | dynamic |
| d_type_vname | string |
| detail | dynamic |
| detection_href | string |
| detection_id | real |
| detection_type | string |
| entity_id | real |
| entity_name | string |
| entity_type | string |
| entity_uid | string |
| event_timestamp | datetime |
| grouped_details | dynamic |
| id | real |
| is_targeting_key_asset | string |
| ManagementGroupName | string |
| MG | string |
| mitre | dynamic |
| normal_domains | dynamic |
| RawData | string |
| severity | real |
| SourceSystem | string |
| src_host | dynamic |
| src_ip | string |
| summary | dynamic |
| tags | dynamic |
| TenantId | string |
| threat | real |
| TimeGenerated | datetime |
| triaged | bool |
| Type | string |
| url | string |
This table is used by the following solutions:
This table is ingested by the following connectors:
| Connector | Selection Criteria |
|---|---|
| Vectra XDR |
In solution Vectra XDR:
| Analytic Rule | Selection Criteria |
|---|---|
| Vectra Create Detection Alert for Accounts | |
| Vectra Create Detection Alert for Hosts |
In solution Vectra XDR:
| Workbook | Selection Criteria |
|---|---|
| VectraXDR |
| Parser | Solution | Selection Criteria |
|---|---|---|
| VectraDetections | Vectra XDR |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊