SINECSecurityGuard_CL



| Attribute | Value |
| --- | --- |
| Ingestion API Supported | ✓ Yes |

Schema (16 columns)

Source: KQL validation test schema

| Column Name | Type |
| --- | --- |
| destination_ip | string |
| destination_port | int |
| detected_at | datetime |
| evidence | dynamic |
| protocol | string |
| sensor_id | string |
| sensor_name | string |
| severity | string |
| signature_category | string |
| signature_details | string |
| signature_id | int |
| signature_name | string |
| source_ip | string |
| source_port | int |
| tenant_id | string |
| TimeGenerated | datetime |

Solutions (1)

This table is used by the following solutions:

Connectors (1)

This table is ingested by the following connectors:

| Connector | Selection Criteria |
| --- | --- |
| SINEC Security Guard | |

Content Items Using This Table (1)

Analytic Rules (1)

In solution SINEC Security Guard:

| Analytic Rule | Selection Criteria |
| --- | --- |
| SSG_Security_Incidents | |
