Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
| Attribute | Value |
|---|---|
| Custom Log V1 | Yes 🔶 — uses type-suffixed column names |
| Ingestion API Supported | ✓ Yes |
Source: KQL validation test schema
| Column Name | Type |
|---|---|
| Action_s | string |
| Attachments_s | string |
| Category | string |
| CcHeader_s | string |
| CustomerTenantId_g | string |
| Email_s | string |
| ForefrontAntiSpam_s | string |
| HasAttachment_b | bool |
| HasImage_b | bool |
| HeaderMessageId_s | string |
| IsInBlackList_b | bool |
| IsInWhiteList_b | bool |
| MessageDate_t | datetime |
| MessageId_s | string |
| MessageSize_d | real |
| MicrosoftAntiSpam_s | string |
| OriginCountry_s | string |
| ReceivedDateTime_d | real |
| ReceivedHeaders_s | string |
| Recipients_s | string |
| Score_d | real |
| Sender_Domain_s | datetime |
| Sender_Email_s | real |
| SenderHeader_s | string |
| SourceSystem | string |
| Subject_s | string |
| TenantId | string |
| TimeGenerated | datetime |
| ToHeader_s | guid |
| Type | string |
| UserId_g | string |
| Virus_b | bool |
This table is used by the following solutions:
This table is ingested by the following connectors:
| Connector | Selection Criteria |
|---|---|
| MailGuard 365 |
In solution MailGuard 365:
| Hunting Query | Selection Criteria |
|---|---|
| MailGuard 365 - High Confidence Threats | |
| MailGuard 365 - Malware Threats | |
| MailGuard 365 - Phishing Threats |
In solution MailGuard 365:
| Workbook | Selection Criteria |
|---|---|
| MailGuard365Dashboard |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊