Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
| Attribute | Value |
|---|---|
| Ingestion API Supported | ✓ Yes |
Source: Data Collection Rule definition
| Column Name | Type |
|---|---|
| ActingAppId | dynamic |
| ActingAppName | dynamic |
| ActingAppType | dynamic |
| ActorOriginalUserType | dynamic |
| ActorScope | dynamic |
| ActorScopeId | dynamic |
| ActorSessionId | dynamic |
| ActorUserId | dynamic |
| ActorUserIdType | dynamic |
| ActorUsername | dynamic |
| ActorUsernameType | string |
| ActorUserType | string |
| AdditionalFields | dynamic |
| Application | dynamic |
| Dst | string |
| Dvc | string |
| DvcAction | dynamic |
| DvcDescription | dynamic |
| DvcDomain | dynamic |
| DvcDomainType | dynamic |
| DvcFqdn | dynamic |
| DvcHostname | dynamic |
| DvcId | dynamic |
| DvcIdType | dynamic |
| DvcInterface | dynamic |
| DvcIpAddr | dynamic |
| DvcMacAddr | dynamic |
| DvcOriginalAction | dynamic |
| DvcOs | dynamic |
| DvcOsVersion | dynamic |
| DvcScope | dynamic |
| DvcScopeId | dynamic |
| DvcZone | dynamic |
| EventCount | int |
| EventEndTime | string |
| EventMessage | dynamic |
| EventOriginalResultDetails | dynamic |
| EventOriginalSeverity | dynamic |
| EventOriginalSubType | dynamic |
| EventOriginalType | dynamic |
| EventOriginalUid | dynamic |
| EventOwner | dynamic |
| EventProduct | string |
| EventProductVersion | dynamic |
| EventReportUrl | dynamic |
| EventResult | string |
| EventResultDetails | dynamic |
| EventSchema | string |
| EventSchemaVersion | string |
| EventSeverity | dynamic |
| EventStartTime | datetime |
| EventSubType | dynamic |
| EventType | string |
| EventUid | dynamic |
| EventVendor | string |
| HttpUserVersion | dynamic |
| IpAddr | string |
| NewValue | dynamic |
| ObjectName | string |
| ObjectType | string |
| OldValue | dynamic |
| Operation | string |
| Rule | string |
| RuleName | dynamic |
| RuleNumber | dynamic |
| Src | string |
| SrcDescription | dynamic |
| SrcDeviceType | dynamic |
| SrcDomain | dynamic |
| SrcDomainType | dynamic |
| SrcDvcId | dynamic |
| SrcDvcIdType | dynamic |
| SrcDvcScope | dynamic |
| SrcDvcScopeId | dynamic |
| SrcFqdn | dynamic |
| SrcGeoCity | dynamic |
| SrcGeoCountry | dynamic |
| SrcGeoLatitude | dynamic |
| SrcGeoLongitude | dynamic |
| SrcGeoRegion | dynamic |
| SrcHostname | dynamic |
| SrcIpAddr | dynamic |
| SrcPortNumber | dynamic |
| SrcSubscriptionId | dynamic |
| TargetAppId | dynamic |
| TargetAppName | dynamic |
| TargetAppType | string |
| TargetDescription | dynamic |
| TargetDeviceType | dynamic |
| TargetDomain | dynamic |
| TargetDomainType | dynamic |
| TargetDvcId | dynamic |
| TargetDvcIdType | dynamic |
| TargetDvcOs | dynamic |
| TargetDvcScope | dynamic |
| TargetDvcScopeId | dynamic |
| TargetFqdn | dynamic |
| TargetHostname | dynamic |
| TargetIpAddr | dynamic |
| TargetPortNumber | dynamic |
| TargetUrl | dynamic |
| ThreatCategory | dynamic |
| ThreatConfidence | dynamic |
| ThreatField | dynamic |
| ThreatFirstReportedTime | dynamic |
| ThreatId | dynamic |
| ThreatIpAddr | dynamic |
| ThreatIsActive | dynamic |
| ThreatLastReportedTime | dynamic |
| ThreatName | dynamic |
| ThreatOriginalConfidence | dynamic |
| ThreatOriginalRiskLevel | dynamic |
| ThreatRiskLevel | dynamic |
| TimeGenerated | datetime |
| User | dynamic |
| Value | dynamic |
| ValueType | dynamic |
This table is used by the following solutions:
This table is ingested by the following connectors:
| Connector | Selection Criteria |
|---|---|
| Obsidian Datasharing Connector |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊