Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
| Attribute | Value |
|---|---|
| Ingestion API Supported | ✓ Yes |
Source: Data Collection Rule definition
| Column Name | Type |
|---|---|
| AdditionalFields | dynamic |
| AlertDescription | string |
| AlertId | string |
| AlertName | dynamic |
| AlertOriginalStatus | dynamic |
| AlertStatus | dynamic |
| AlertVerdict | dynamic |
| AttackRemediationSteps | dynamic |
| AttackTactics | dynamic |
| AttackTechniques | dynamic |
| DetectionMethod | dynamic |
| Dvc | string |
| DvcAction | dynamic |
| DvcDescription | dynamic |
| DvcDomain | dynamic |
| DvcDomainType | dynamic |
| DvcFqdn | dynamic |
| DvcHostname | dynamic |
| DvcId | dynamic |
| DvcIdType | dynamic |
| DvcInterface | dynamic |
| DvcIpAddr | dynamic |
| DvcMacAddr | dynamic |
| DvcOriginalAction | dynamic |
| DvcOs | dynamic |
| DvcOsVersion | dynamic |
| DvcScope | dynamic |
| DvcScopeId | dynamic |
| DvcZone | dynamic |
| EmailMessageId | dynamic |
| EmailSubject | dynamic |
| EventCount | int |
| EventEndTime | datetime |
| EventMessage | string |
| EventOriginalResultDetails | dynamic |
| EventOriginalSeverity | dynamic |
| EventOriginalSubType | dynamic |
| EventOriginalType | dynamic |
| EventOriginalUid | dynamic |
| EventOwner | dynamic |
| EventProduct | string |
| EventProductVersion | dynamic |
| EventReportUrl | dynamic |
| EventResult | string |
| EventResultDetails | dynamic |
| EventSchema | string |
| EventSchemaVersion | string |
| EventSeverity | string |
| EventStartTime | datetime |
| EventSubType | dynamic |
| EventType | string |
| EventUid | string |
| EventVendor | string |
| FileMD5 | dynamic |
| FileName | dynamic |
| FilePath | dynamic |
| FileSHA1 | dynamic |
| FileSHA256 | dynamic |
| FileSize | dynamic |
| Hostname | dynamic |
| IndicatorAssociation | dynamic |
| IndicatorType | dynamic |
| IpAddr | dynamic |
| OriginalUserType | dynamic |
| ProcessCommandLine | dynamic |
| ProcessFileCompany | dynamic |
| ProcessId | dynamic |
| ProcessName | dynamic |
| RegistryData | dynamic |
| RegistryKey | dynamic |
| RegistryValue | dynamic |
| RegistryValueType | dynamic |
| Rule | string |
| RuleDescription | dynamic |
| RuleName | dynamic |
| RuleNumber | dynamic |
| ThreatCategory | dynamic |
| ThreatConfidence | dynamic |
| ThreatFirstReportedTime | dynamic |
| ThreatId | string |
| ThreatIsActive | dynamic |
| ThreatLastReportedTime | dynamic |
| ThreatName | string |
| ThreatOriginalCategory | dynamic |
| ThreatOriginalConfidence | dynamic |
| ThreatOriginalRiskLevel | dynamic |
| ThreatRiskLevel | dynamic |
| TimeGenerated | datetime |
| Url | dynamic |
| UserId | dynamic |
| UserIdType | string |
| Username | dynamic |
| UsernameType | string |
| UserScope | dynamic |
| UserScopeId | dynamic |
| UserSessionId | dynamic |
| UserType | string |
This table is used by the following solutions:
This table is ingested by the following connectors:
| Connector | Selection Criteria |
|---|---|
| Obsidian Datasharing Connector |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊