Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
Reference for SecurityRecommendation table in Azure Monitor Logs.
| Attribute | Value |
|---|---|
| Category | Security |
| Basic Logs Eligible | ✗ No (source) |
| Supports Transformations | ✓ Yes (source) |
| Ingestion API Supported | ✗ No |
| Azure Monitor Tables Reference | View Documentation |
Source: Azure Monitor documentation
| Column Name | Type | Description |
|---|---|---|
| _BilledSize | real | The record size in bytes |
| _IsBillable | string | Specifies whether ingesting the data is billable. When _IsBillable isfalseingestion isn't billed to your Azure account |
| AssessedResourceId | string | |
| Description | string | |
| DeviceId | string | |
| DiscoveredTimeUTC | datetime | |
| Environment | string | |
| FirstEvaluationDate | datetime | |
| IsSnapshot | bool | |
| PolicyDefinitionId | string | |
| Properties | dynamic | |
| ProviderName | string | |
| RecommendationAdditionalData | dynamic | |
| RecommendationDisplayName | string | |
| RecommendationId | string | |
| RecommendationName | string | |
| RecommendationSeverity | string | |
| RecommendationState | string | |
| ResolvedTimeUTC | datetime | |
| ResourceRegion | string | |
| StatusChangeDate | datetime | |
| TimeGenerated | datetime | |
| Type | string | The name of the table |
This table is used by the following solutions:
In solution AzureSecurityBenchmark:
| Analytic Rule | Selection Criteria |
|---|---|
| Azure Security Benchmark Posture Changed |
In solution ContinuousDiagnostics&Mitigation:
| Analytic Rule | Selection Criteria |
|---|---|
| CDM_ContinuousDiagnostics&Mitigation_PostureChanged |
In solution MaturityModelForEventLogManagementM2131:
In solution NISTSP80053:
| Analytic Rule | Selection Criteria |
|---|---|
| NIST SP 800-53 Posture Changed |
In solution ZeroTrust(TIC3.0):
| Analytic Rule | Selection Criteria |
|---|---|
| ZeroTrust(TIC3.0) Control Assessment Posture Change |
In solution ContinuousDiagnostics&Mitigation:
| Hunting Query | Selection Criteria |
|---|---|
| CDM_ContinuousDiagnostics&Mitigation_Posture |
In solution ContinuousDiagnostics&Mitigation:
| Workbook | Selection Criteria |
|---|---|
| ContinuousDiagnostics&Mitigation |
In solution CybersecurityMaturityModelCertification(CMMC)2.0:
| Workbook | Selection Criteria |
|---|---|
| CybersecurityMaturityModelCertification_CMMCV2 |
In solution MaturityModelForEventLogManagementM2131:
| Workbook | Selection Criteria |
|---|---|
| MaturityModelForEventLogManagement_M2131 |
In solution NISTSP80053:
| Workbook | Selection Criteria |
|---|---|
| NISTSP80053 |
In solution ZeroTrust(TIC3.0):
| Workbook | Selection Criteria |
|---|---|
| ZeroTrustTIC3 |
GitHub Only:
| Workbook | Selection Criteria |
|---|---|
| ASC-ComplianceandProtection | |
| DoDZeroTrustWorkbook | |
| ZeroTrustStrategyWorkbook |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊