Samsung_Knox_Audit_CL

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊

Back to Tables Index

Attribute Value
Ingestion API Supported ✓ Yes

Contents

Schema (20 columns)

Source: KQL validation test schema

Column Name Type
Action string
AdmPkgName string
AdmUserId int
DeviceImei1 string
DeviceImei2 string
DeviceModel string
DeviceSerialNumber string
DeviceWifimac string
EventGuid long
FailureReason string
KeyMask int
MitreTtp dynamic
Name string
PkgName string
PrimaryImei string
Profile string
Severity string
TimeGenerated datetime
UserId int
Version string

Solutions (1)

This table is used by the following solutions:

Connectors (1)

This table is ingested by the following connectors:

Connector Selection Criteria
Samsung Knox Asset Intelligence

Content Items Using This Table (3)

Analytic Rules (1)

In solution Samsung Knox Asset Intelligence:

Analytic Rule Selection Criteria
Samsung Knox - Security Log Full Events

Workbooks (2)

In solution Samsung Knox Asset Intelligence:

Workbook Selection Criteria
SamsungKnoxAssetIntelligence

GitHub Only:

Workbook Selection Criteria
SamsungKnoxAssetIntelligence

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊

Back to Tables Index