Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
| Attribute | Value |
|---|---|
| Custom Log V1 | Yes 🔶 — uses type-suffixed column names |
| Ingestion API Supported | ✓ Yes |
Source: KQL validation test schema
| Column Name | Type |
|---|---|
| _ResourceId | string |
| action_s | string |
| browserVersion_s | string |
| Computer | string |
| description_s | string |
| deviceHostname_s | string |
| eventCategory_s | string |
| eventDetails_activity_s | string |
| eventDetails_categories_s | string |
| eventDetails_engine_s | string |
| eventDetails_failedAttempts_d | real |
| eventDetails_fromURL_s | string |
| eventDetails_id_s | string |
| eventDetails_installSource_s | string |
| eventDetails_loginUsername_s | string |
| eventDetails_matchedURL_s | string |
| eventDetails_method_s | string |
| eventDetails_name_s | string |
| eventDetails_path_s | string |
| eventDetails_printerName_s | string |
| eventDetails_protocol_s | string |
| eventDetails_reasons_s | string |
| eventDetails_type_s | string |
| eventDetails_version_s | string |
| eventType_s | string |
| id_s | string |
| IPAddress | string |
| ManagementGroupName | string |
| MG | string |
| mitreTechniques_s | string |
| osPlatform_s | string |
| osVersion_s | string |
| policyRule_s | string |
| RawData | string |
| severity_s | string |
| SourceSystem | string |
| TenantId | string |
| time_s | string |
| TimeGenerated | datetime |
| Type | string |
| type_s | string |
| url_s | string |
| userAgent_s | string |
| userEmail_s | string |
This table is used by the following solutions:
This table is ingested by the following connectors:
| Connector | Selection Criteria |
|---|---|
| Talon Insights |
In solution Talon:
| Workbook | Selection Criteria |
|---|---|
| TalonInsights |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊