Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
Reference for SecurityDetection table in Azure Monitor Logs.
| Attribute | Value |
|---|---|
| Category | Security |
| Basic Logs Eligible | ✗ No (source) |
| Supports Transformations | ✓ Yes (source) |
| Ingestion API Supported | ✗ No |
| Azure Monitor Tables Reference | View Documentation |
Source: Azure Monitor documentation
| Column Name | Type | Description |
|---|---|---|
| _BilledSize | real | The record size in bytes |
| _IsBillable | string | Specifies whether ingesting the data is billable. When _IsBillable isfalseingestion isn't billed to your Azure account |
| _ResourceId | string | A unique identifier for the resource that the record is associated with |
| _SubscriptionId | string | A unique identifier for the subscription that the record is associated with |
| AccountsSeen | int | |
| AlertSeverity | string | |
| AlertTitle | string | |
| AssociatedResource | string | |
| ChildProcess | string | |
| CommandLine | string | |
| Computer | string | |
| Description | string | |
| DetectionID | string | |
| Duration | string | |
| ExtendedProperties | string | |
| FailedAttempts | int | |
| FullPath | string | |
| InvalidAccountsSeen | int | |
| IsFirstParty | bool | |
| LogChannel | string | |
| OccuringDatacenter | string | |
| OriginalSeverity | string | |
| ParentProcess | string | |
| ProcessName | string | |
| Provider | string | |
| RemediationSteps | string | |
| ReportingSystem | string | |
| ServiceId | string | |
| SubjectDomainName | string | |
| SubjectUserName | string | |
| SubscriptionId | string | |
| SuccessfulLogins | int | |
| SuspiciousProcess | string | |
| TimeGenerated | datetime | |
| Type | string | The name of the table |
| ValidAccountsSeen | int |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊