Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
| Attribute | Value |
|---|---|
| Custom Log V1 | Yes 🔶 — uses type-suffixed column names |
| Ingestion API Supported | ✓ Yes |
Source: KQL validation test schema
| Column Name | Type |
|---|---|
| email_attachments_s | string |
| email_firstTimeSender_b | bool |
| email_linksClicked_d | real |
| email_mailFrom_s | string |
| email_messageId_s | string |
| email_payload_Type_s | string |
| email_phishType_s | string |
| email_rcptTo_s | string |
| email_senderIp_s | string |
| email_subject_s | string |
| email_threat_s | string |
| email_trust_s | string |
| event_s | string |
| linkClicked_s | string |
| TimeGenerated | datetime |
This table is used by the following solutions:
This table is ingested by the following connectors:
| Connector | Selection Criteria |
|---|---|
| Egress Defend | |
| Egress Iris Connector | |
| KnowBe4 Defend |
In solution Egress Defend:
| Analytic Rule | Selection Criteria |
|---|---|
| Egress Defend - Dangerous Attachment Detected | |
| Egress Defend - Dangerous Link Click |
In solution KnowBe4 Defend:
| Analytic Rule | Selection Criteria |
|---|---|
| KnowBe4 Defend - Dangerous Attachment Detected | |
| KnowBe4 Defend - Dangerous Link Click |
In solution KnowBe4 Defend:
| Hunting Query | Selection Criteria |
|---|---|
| Dangerous emails with links clicked |
In solution Egress Defend:
| Workbook | Selection Criteria |
|---|---|
| DefendMetrics |
In solution KnowBe4 Defend:
| Workbook | Selection Criteria |
|---|---|
| KnowBe4DefendMetrics |
| Parser | Solution | Selection Criteria |
|---|---|---|
| DefendAuditData | KnowBe4 Defend |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊