Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
| Attribute | Value |
|---|---|
| Custom Log V1 | Yes 🔶 — uses type-suffixed column names |
| Ingestion API Supported | ✓ Yes |
Source: KQL validation test schema
| Column Name | Type |
|---|---|
| _ResourceId | string |
| ActorUserId | string |
| ActorUsername | string |
| architecture_s | string |
| arguments_authenticated_as_local_admin_d | real |
| arguments_authenticated_as_thijs_d | real |
| arguments_authenticated_as_thijs_xhaflaire_d | real |
| arguments_child_PID_d | real |
| arguments_cmd_d | real |
| arguments_fd_d | real |
| arguments_flags_d | real |
| arguments_known_UID__d | real |
| arguments_length_d | real |
| arguments_policy_d | real |
| attributes_device_d | real |
| attributes_file_access_mode_d | real |
| attributes_file_system_id_d | real |
| attributes_node_id_d | real |
| attributes_owner_group_id_d | real |
| attributes_owner_group_name_s | string |
| attributes_owner_user_id_d | real |
| attributes_owner_user_name_s | string |
| bios_firmware_versions_booter_version_s | string |
| bios_firmware_versions_firmware_version_s | string |
| bios_firmware_versions_release_date_s | string |
| bios_firmware_versions_rom_size_d | real |
| bios_firmware_versions_system_firmware_version_s | string |
| bios_firmware_versions_vendor_s | string |
| bios_firmware_versions_version_s | string |
| Computer | string |
| contents_s | string |
| context_identity_claims_certid_s | string |
| context_identity_claims_clientid_g | string |
| context_identity_claims_hd_s | string |
| DnsQuery | string |
| DnsQueryName | string |
| DnsQueryTypeName | string |
| DnsResponseName | string |
| DstIpAddr | string |
| DstPortNumber | real |
| DvcAction | string |
| DvcHostname | string |
| DvcId | string |
| DvcIpAddr | string |
| DvcOs | string |
| DvcOsVersion | string |
| event_accessPointBssid_s | string |
| event_account_customerId_g | string |
| event_account_name_s | string |
| event_account_parentId_g | string |
| event_action_s | string |
| event_alertId_g | string |
| event_app_id_s | string |
| event_app_name_s | string |
| event_app_sha1_s | string |
| event_app_sha256_s | string |
| event_app_version_s | string |
| event_blocked_b | bool |
| event_destination_ip_s | string |
| event_destination_ips_s | string |
| event_destination_name_s | string |
| event_device_deviceId_g | string |
| event_device_deviceName_s | string |
| event_device_externalId_g | string |
| event_device_externalId_s | string |
| event_device_os_s | string |
| event_device_osType_s | string |
| event_device_userDeviceName_g | string |
| event_device_userDeviceName_s | string |
| event_dns_recordType_s | string |
| event_dns_responseStatus_s | string |
| event_dns_ttl_d | real |
| event_domain_s | string |
| event_eventType_description_s | string |
| event_eventType_id_s | string |
| event_eventType_name_s | string |
| event_eventUrl_s | string |
| event_hostName_s | string |
| event_location_s | string |
| event_metadata_product_s | string |
| event_metadata_schemaVersion_s | string |
| event_metadata_vendor_s | string |
| event_networkInterface_s | string |
| event_receiptTime_d | real |
| event_severity_d | real |
| event_signatureId_id_s | string |
| event_signatureId_name_s | string |
| event_source_ip_s | string |
| event_threat_result_s | string |
| event_threat_types_s | string |
| event_timestamp_t | datetime |
| event_tld_s | string |
| event_user_email_s | string |
| event_user_name_g | string |
| event_user_name_s | string |
| EventDescription | dynamic |
| EventMatch | string |
| EventMatchType | string |
| EventMessage | dynamic |
| EventProduct | string |
| EventReportUrl | string |
| EventResult | string |
| EventSeverity | string |
| EventStartTime | datetime |
| EventSubType | string |
| EventType | string |
| EventVendor | string |
| exec_args_args_10_g | string |
| exec_args_args_10_s | string |
| exec_args_args_11_s | string |
| exec_args_args_12_s | string |
| exec_args_args_13_s | string |
| exec_args_args_14_s | string |
| exec_args_args_15_s | string |
| exec_args_args_16_s | string |
| exec_args_args_17_s | string |
| exec_args_args_18_s | string |
| exec_args_args_19_s | string |
| exec_args_args_1_s | string |
| exec_args_args_20_s | string |
| exec_args_args_21_s | string |
| exec_args_args_22_s | string |
| exec_args_args_23_s | string |
| exec_args_args_24_s | string |
| exec_args_args_25_s | string |
| exec_args_args_26_s | string |
| exec_args_args_27_s | string |
| exec_args_args_28_s | string |
| exec_args_args_29_s | string |
| exec_args_args_2_g | string |
| exec_args_args_2_s | string |
| exec_args_args_30_s | string |
| exec_args_args_31_s | string |
| exec_args_args_32_s | string |
| exec_args_args_33_s | string |
| exec_args_args_34_s | string |
| exec_args_args_35_s | string |
| exec_args_args_36_s | string |
| exec_args_args_37_s | string |
| exec_args_args_38_s | string |
| exec_args_args_39_s | string |
| exec_args_args_3_g | string |
| exec_args_args_3_s | string |
| exec_args_args_40_s | string |
| exec_args_args_41_s | string |
| exec_args_args_42_s | string |
| exec_args_args_43_s | string |
| exec_args_args_44_s | string |
| exec_args_args_45_s | string |
| exec_args_args_46_s | string |
| exec_args_args_4_s | string |
| exec_args_args_5_g | string |
| exec_args_args_5_s | string |
| exec_args_args_6_s | string |
| exec_args_args_7_s | string |
| exec_args_args_8_s | string |
| exec_args_args_9_s | string |
| exec_args_args_compiled_s | string |
| exec_chain_child_parent_path_s | string |
| exec_chain_child_parent_pid_d | real |
| exec_chain_child_parent_uuid_g | string |
| exec_chain_parent_uuid_g | string |
| exec_chain_thread_uuid_g | string |
| exec_env_env___AUTHORIZATION_s | string |
| exec_env_env___CF_USER_TEXT_ENCODING_s | string |
| exec_env_env___CFBundleIdentifier_s | string |
| exec_env_env___CFPREFERENCES_AVOID_DAEMON_s | string |
| exec_env_envPYVENVLAUNCHER_s | string |
| exec_env_env___s | string |
| exec_env_env__BASH_IMPLICIT_DASH_PEE_s | string |
| exec_env_env__dbx_is_monitored_crashpad_s | string |
| exec_env_env__dbx_report_is_monitored_s | string |
| exec_env_env__dbx_report_session_id_g | string |
| exec_env_env_AMTLogFormat_s | string |
| exec_env_env_APP_SANDBOX_CONTAINER_ID_s | string |
| exec_env_env_CFFIXED_USER_HOME_s | string |
| exec_env_env_COLUMNS_s | string |
| exec_env_env_com_adobe_drive_client_applocale_s | string |
| exec_env_env_com_adobe_drive_client_appname_s | string |
| exec_env_env_com_adobe_drive_client_appversion_s | string |
| exec_env_env_COMMAND_LINE_INSTALL_s | string |
| exec_env_env_COMMAND_MODE_s | string |
| exec_env_env_compiled_s | string |
| exec_env_env_compiler__s | string |
| exec_env_env_CPATH_s | string |
| exec_env_env_CR_DEVELOPER_DIR_s | string |
| exec_env_env_CR_DIAGNOSTICS_COMMAND_s | string |
| exec_env_env_CR_DIAGNOSTICS_s | string |
| exec_env_env_CR_ENCODING_NAME_s | string |
| exec_env_env_CR_ENCODING_s | string |
| exec_env_env_CR_FILE_s | string |
| exec_env_env_CR_FILENAME_s | string |
| exec_env_env_CR_INPUT__s | string |
| exec_env_env_CR_LANGUAGE_DIR_s | string |
| exec_env_env_CR_RUN_COMMAND_s | string |
| exec_env_env_CR_RUNID_s | string |
| exec_env_env_CR_SCRIPTS_DIR_s | string |
| exec_env_env_CR_SUGGESTED_OUTPUT_FILE_s | string |
| exec_env_env_CR_TMPDIR_s | string |
| exec_env_env_CR_UNSAVED_DIR_s | string |
| exec_env_env_CR_VERSION_s | string |
| exec_env_env_CUPS_DEBUG_FILTER_s | string |
| exec_env_env_CUPS_DEBUG_LEVEL_s | string |
| exec_env_env_CUPS_DEBUG_LOG_s | string |
| exec_env_env_DBX_PREINSTALL_OUT__s | string |
| exec_env_env_DSTROOT_s | string |
| exec_env_env_DSTVOLUME_s | string |
| exec_env_env_EDGE_BROWSER_PID_s | string |
| exec_env_env_ENSUREPIP_OPTIONS_s | string |
| exec_env_env_EXTENSION_KIT_EXTENSION_TYPE_s | string |
| exec_env_env_filename_s | string |
| exec_env_env_HOME_s | string |
| exec_env_env_IFS_s | string |
| exec_env_env_INSTALL_PKG_SESSION_ID_s | string |
| exec_env_env_INSTALLER_PAYLOAD_DIR_s | string |
| exec_env_env_INSTALLER_SECURE_TEMP_s | string |
| exec_env_env_INSTALLER_TEMP_s | string |
| exec_env_env_is_managed_deploy_s | string |
| exec_env_env_JAMF_PROTECT_REPAIR_COMMAND_s | string |
| exec_env_env_killed_teams_s | string |
| exec_env_env_LANG__s | string |
| exec_env_env_LANG_s | string |
| exec_env_env_LAUNCHCTL_ENV_REEXEC_s | string |
| exec_env_env_LaunchInstanceID_g | string |
| exec_env_env_LC_ALL__s | string |
| exec_env_env_LC_CTYPE_s | string |
| exec_env_env_LIBRARY_PATH_s | string |
| exec_env_env_local_user_s | string |
| exec_env_env_LOGNAME_s | string |
| exec_env_env_MAIL_s | string |
| exec_env_env_MallocCorruptionAbort_s | string |
| exec_env_env_MallocMaxMagazines_s | string |
| exec_env_env_MallocNanoZone_s | string |
| exec_env_env_MallocProbGuardViaLaunchd_s | string |
| exec_env_env_MallocSpaceEfficient_s | string |
| exec_env_env_MANPATH_s | string |
| exec_env_env_MTL_SHADER_CACHE_SIZE_s | string |
| exec_env_env_NODE_CHANNEL_FD_s | string |
| exec_env_env_NODE_CHANNEL_SERIALIZATION_MODE_s | string |
| exec_env_env_NSRunningFromLaunchd_s | string |
| exec_env_env_OLDPWD_s | string |
| exec_env_env_ORIGINAL_XDG_CURRENT_DESKTOP_s | string |
| exec_env_env_OS_ACTIVITY_ENABLE_DYNAMIC_s | string |
| exec_env_env_OS_ACTIVITY_MODE_s | string |
| exec_env_env_PACKAGE_PATH_s | string |
| exec_env_env_PATH_s | string |
| exec_env_env_PIP_CONFIG_FILE_s | string |
| exec_env_env_pkg_path_s | string |
| exec_env_env_plist_contents_s | string |
| exec_env_env_PS1_s | string |
| exec_env_env_PWD_s | string |
| exec_env_env_PYSIDE63_OPTION_PYTHON_ENUM_s | string |
| exec_env_env_QML2_IMPORT_PATH_s | string |
| exec_env_env_QT_PLUGIN_PATH_s | string |
| exec_env_env_SCRIPT_NAME_s | string |
| exec_env_env_SDKROOT_s | string |
| exec_env_env_SECURITYSESSIONID_s | string |
| exec_env_env_SHARED_INSTALLER_TEMP_s | string |
| exec_env_env_SHELL_s | string |
| exec_env_env_SHLVL_s | string |
| exec_env_env_SQLITE_EXEMPT_PATH_FROM_VNODE_GUARDS_s | string |
| exec_env_env_SSH_AUTH_SOCK_s | string |
| exec_env_env_SSH_CLIENT_s | string |
| exec_env_env_SSH_CONNECTION_s | string |
| exec_env_env_SSH_TTY_s | string |
| exec_env_env_SUDO_COMMAND_s | string |
| exec_env_env_SUDO_GID_s | string |
| exec_env_env_SUDO_UID_s | string |
| exec_env_env_SUDO_USER_s | string |
| exec_env_env_SYSTEM_VERSION_COMPAT_s | string |
| exec_env_env_TERM_PROGRAM_s | string |
| exec_env_env_TERM_PROGRAM_VERSION_s | string |
| exec_env_env_TERM_s | string |
| exec_env_env_TERM_SESSION_ID_g | string |
| exec_env_env_TMPDIR_s | string |
| exec_env_env_USER_s | string |
| exec_env_env_VIRTUAL_ENV_s | string |
| exec_env_env_XPC_FLAGS_s | string |
| exec_env_env_XPC_SERVICE_NAME_s | string |
| expiration_d | real |
| file_path_s | string |
| file_size_d | real |
| GroupName | dynamic |
| header_event_id_d | real |
| header_event_modifier_d | real |
| header_event_name_s | string |
| header_event_uuid_g | string |
| header_time_milliseconds_offset_d | real |
| header_time_seconds_epoch_d | real |
| header_version_d | real |
| host_info_host_name_s | string |
| host_info_host_uuid_g | string |
| host_info_osversion_s | string |
| host_info_serial_number_s | string |
| identity_cd_hash_s | string |
| identity_signer_id_s | string |
| identity_signer_id_truncated_b | bool |
| identity_signer_type_d | real |
| identity_team_id_s | string |
| identity_team_id_truncated_b | bool |
| input_context_hd_s | string |
| input_event_message_s | string |
| input_eventType_s | string |
| input_host_hostname_s | string |
| input_host_ips_s | string |
| input_host_os_s | string |
| input_host_provisioningUDID_g | string |
| input_host_provisioningUDID_s | string |
| input_host_serial_s | string |
| input_match_actions_s | string |
| input_match_context_s | string |
| input_match_custom_b | bool |
| input_match_event_bavail_d | real |
| input_match_event_bfree_d | real |
| input_match_event_blocked_b | bool |
| input_match_event_blocks_d | real |
| input_match_event_bsize_d | real |
| input_match_event_category_s | string |
| input_match_event_clickType_d | real |
| input_match_event_composedMessage_s | string |
| input_match_event_deadline_d | real |
| input_match_event_dev_d | real |
| input_match_event_device_blockSize_d | real |
| input_match_event_device_bsdMajor_d | real |
| input_match_event_device_bsdMinor_d | real |
| input_match_event_device_bsdName_s | string |
| input_match_event_device_bsdUnit_d | real |
| input_match_event_device_busName_s | string |
| input_match_event_device_busPath_s | string |
| input_match_event_device_content_g | string |
| input_match_event_device_content_s | string |
| input_match_event_device_deviceClass_d | real |
| input_match_event_device_deviceModel_s | string |
| input_match_event_device_devicePath_s | string |
| input_match_event_device_deviceSubClass_d | real |
| input_match_event_device_encryptionDetail_d | real |
| input_match_event_device_isEjectable_b | bool |
| input_match_event_device_isEncrypted_b | bool |
| input_match_event_device_isInternal_b | bool |
| input_match_event_device_isLeaf_b | bool |
| input_match_event_device_isMountable_b | bool |
| input_match_event_device_isNetworkVolume_b | bool |
| input_match_event_device_isRemovable_b | bool |
| input_match_event_device_isWhole_b | bool |
| input_match_event_device_isWritable_b | bool |
| input_match_event_device_mediaKind_s | string |
| input_match_event_device_mediaName_s | string |
| input_match_event_device_mediaPath_s | string |
| input_match_event_device_productId_d | real |
| input_match_event_device_productId_s | string |
| input_match_event_device_productName_s | string |
| input_match_event_device_protocol_s | string |
| input_match_event_device_removable_b | bool |
| input_match_event_device_revision_s | string |
| input_match_event_device_serialNumber_s | string |
| input_match_event_device_size_d | real |
| input_match_event_device_unit_d | real |
| input_match_event_device_vendorId_d | real |
| input_match_event_device_vendorId_s | string |
| input_match_event_device_vendorName_s | string |
| input_match_event_device_volumeKind_s | string |
| input_match_event_device_volumeName_s | string |
| input_match_event_device_volumeType_s | string |
| input_match_event_device_writable_b | bool |
| input_match_event_eventID_d | real |
| input_match_event_eventType_s | string |
| input_match_event_ffree_d | real |
| input_match_event_files_d | real |
| input_match_event_flags_d | real |
| input_match_event_flagsExt_d | real |
| input_match_event_fsid_s | string |
| input_match_event_fsSubType_d | real |
| input_match_event_fsTypeName_s | string |
| input_match_event_gid_d | real |
| input_match_event_globalSequenceNumber_d | real |
| input_match_event_iNode_d | real |
| input_match_event_iosize_d | real |
| input_match_event_isReadOnly_b | bool |
| input_match_event_machTimestamp_d | real |
| input_match_event_matchName_s | string |
| input_match_event_matchType_s | string |
| input_match_event_matchValue_s | string |
| input_match_event_mntFromName_s | string |
| input_match_event_mntOnName_s | string |
| input_match_event_name_s | string |
| input_match_event_owner_d | real |
| input_match_event_path_s | string |
| input_match_event_pid_d | real |
| input_match_event_prevFile_s | string |
| input_match_event_process_appPath_s | string |
| input_match_event_process_args_s | string |
| input_match_event_process_exitCode_d | real |
| input_match_event_process_g | string |
| input_match_event_process_gid_d | real |
| input_match_event_process_name_s | string |
| input_match_event_process_originalParentPID_d | real |
| input_match_event_process_path_s | string |
| input_match_event_process_pgid_d | real |
| input_match_event_process_pid_d | real |
| input_match_event_process_ppid_d | real |
| input_match_event_process_processFlags_s | string |
| input_match_event_process_responsiblePID_d | real |
| input_match_event_process_rgid_d | real |
| input_match_event_process_ruid_d | real |
| input_match_event_process_s | string |
| input_match_event_process_signingInfo_s | string |
| input_match_event_process_startTimestamp_d | real |
| input_match_event_process_tty_s | string |
| input_match_event_process_uid_d | real |
| input_match_event_process_uuid_g | string |
| input_match_event_processIdentifier_d | real |
| input_match_event_processImagePath_s | string |
| input_match_event_rateLimitingSecs_d | real |
| input_match_event_scriptPath_s | string |
| input_match_event_sender_s | string |
| input_match_event_senderImagePath_s | string |
| input_match_event_sequenceNumber_d | real |
| input_match_event_subsystem_s | string |
| input_match_event_subType_d | real |
| input_match_event_tags_s | string |
| input_match_event_targetpid_d | real |
| input_match_event_timestamp_d | real |
| input_match_event_type_d | real |
| input_match_event_uid_d | real |
| input_match_event_usbAddress_d | real |
| input_match_event_usbPort_d | real |
| input_match_event_uuid_g | string |
| input_match_event_version_d | real |
| input_match_facts_s | string |
| input_match_severity_d | real |
| input_match_tags_s | string |
| input_match_uuid_g | string |
| input_related_binaries_s | string |
| input_related_files_s | string |
| input_related_groups_s | string |
| input_related_processes_s | string |
| input_related_users_s | string |
| input_reportType_s | string |
| input_version_d | real |
| key_g | string |
| ManagementGroupName | string |
| Match_actions | dynamic |
| Match_event_process_signing | dynamic |
| Match_facts | dynamic |
| Match_tags | dynamic |
| metrics_hw_model_s | string |
| metrics_tasks_s | string |
| MG | string |
| NetworkProtocolVersion | string |
| org_acceptedSlasaTimestamp_t | datetime |
| org_acceptedSlasaUser_s | string |
| org_acceptedSlasaVersion_d | real |
| org_accountBusinessType_s | string |
| org_active_b | bool |
| org_appClientId_s | string |
| org_caid_s | string |
| org_cluster_id_s | string |
| org_complianceReporterEnabled_b | bool |
| org_complianceReporterOnly_b | bool |
| org_complianceReporterReleaseGroup_d | real |
| org_configFreeze_b | bool |
| org_created_t | datetime |
| org_csrid_s | string |
| org_customSlasa_b | bool |
| org_description_s | string |
| org_eulaAccepted_b | bool |
| org_forward_s3_bucket_s | string |
| org_forward_s3_enabled_b | bool |
| org_forward_s3_encrypted_b | bool |
| org_forward_s3_prefix_s | string |
| org_forward_s3_role_s | string |
| org_forward_sentinel_customerId_g | string |
| org_forward_sentinel_domain_s | string |
| org_forward_sentinel_enabled_b | bool |
| org_forward_sentinel_logType_s | string |
| org_forward_sentinel_sharedKey_s | string |
| org_hd_s | string |
| org_installerUuid_g | string |
| org_isJamfNowTenant_b | bool |
| org_migrationStatus_s | string |
| org_name_s | string |
| org_releaseGroup_d | real |
| org_retention_cold_alert_numberOfDays_d | real |
| org_retention_cold_log_numberOfDays_d | real |
| org_retention_database_alert_numberOfDays_d | real |
| org_retention_database_alert_recordCount_d | real |
| org_retention_database_log_numberOfDays_d | real |
| org_retention_database_log_recordCount_d | real |
| org_updated_t | datetime |
| org_users_s | string |
| org_uuid_g | string |
| org_vanity_s | string |
| page_info_page_d | real |
| page_info_total_d | real |
| ParentProcessGuid | string |
| ParentProcessId | real |
| ParentProcessName | string |
| path_s | string |
| ProcessEventSubType | string |
| ProcessEventType | string |
| queue_s | string |
| rateLimitingSeconds_d | real |
| rateLimitingSecs_d | real |
| RawData | string |
| region_s | string |
| Related_binaries | dynamic |
| Related_files | dynamic |
| Related_groups | dynamic |
| Related_processes | dynamic |
| Related_users | dynamic |
| return_description_s | string |
| return_error_d | real |
| return_return_value_d | real |
| socket_inet_family_d | real |
| socket_inet_id_d | real |
| socket_inet_ip_address_s | string |
| socket_inet_port_d | real |
| socket_unix_family_d | real |
| socket_unix_path_s | string |
| SourceSystem | string |
| SrcDeviceType | string |
| SrcIpAddr | string |
| SrcUsermail | string |
| SrcUsername | string |
| subject_audit_id_d | real |
| subject_audit_user_name_s | string |
| subject_effective_group_id_d | real |
| subject_effective_group_name_s | string |
| subject_effective_user_id_d | real |
| subject_effective_user_name_s | string |
| subject_group_id_d | real |
| subject_group_name_s | string |
| subject_process_hash_s | string |
| subject_process_id_d | real |
| subject_process_name_s | string |
| subject_responsible_process_id_d | real |
| subject_responsible_process_name_s | string |
| subject_session_id_d | real |
| subject_terminal_id_ip_address_s | string |
| subject_terminal_id_port_d | real |
| subject_terminal_id_type_d | real |
| subject_user_id_d | real |
| subject_user_name_s | string |
| TargetBinaryFilePath | dynamic |
| TargetBinarySHA1 | string |
| TargetBinarySHA256 | string |
| TargetbinarySignerType | string |
| TargetBinarySigningAppID | string |
| TargetBinarySigningInfoMessage | dynamic |
| TargetBinarySigningTeamID | string |
| TargetFileIsAppBundle | string |
| TargetFileIsDirectory | string |
| TargetFileIsDownload | string |
| TargetFileIsScreenshot | string |
| TargetFileName | string |
| TargetFilePath | string |
| TargetFileSHA1_dynamic | dynamic |
| TargetFileSHA1_string | string |
| TargetFileSHA256_dynamic | dynamic |
| TargetFileSHA256_string | string |
| TargetFileSignerType | string |
| TargetFileSigningInfoMessage | dynamic |
| TargetFileSigningTeamID | dynamic |
| TargetFileSize | dynamic |
| TargetHostname | string |
| TargetModel | string |
| TargetProcessCommandLine | string |
| TargetProcessCreationTime | datetime |
| TargetProcessCurrentDirectory | string |
| TargetProcessGuid | real |
| TargetProcessId | real |
| TargetProcessName | string |
| TargetProcessSHA1 | dynamic |
| TargetProcessSHA256 | dynamic |
| TargetUserId | real |
| TargetUsername | string |
| TenantId | string |
| texts_s | string |
| ThreatCategory | string |
| ThreatOriginalRiskLevel | string |
| TimeGenerated | datetime |
| timestamp_d | real |
| topic_s | string |
| topicType_s | string |
| Type | string |
| type_s | string |
| version_d | real |
This table is used by the following solutions:
In solution Jamf Protect:
| Analytic Rule | Selection Criteria |
|---|---|
| Jamf Protect - Network Threats |
| Parser | Solution | Selection Criteria |
|---|---|---|
| JamfProtectNetworkTraffic | Jamf Protect | |
| JamfProtectThreatEvents | Jamf Protect |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊