Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
Reference for ThreatIntelExportOperation table in Azure Monitor Logs.
| Attribute | Value |
|---|---|
| Category | Security |
| Basic Logs Eligible | ✗ No |
| Ingestion API Supported | ✗ No |
| Azure Monitor Tables Reference | View Documentation |
Source: Azure Monitor documentation
| Column Name | Type | Description |
|---|---|---|
| _BilledSize | real | The record size in bytes |
| _IsBillable | string | Specifies whether ingesting the data is billable. When _IsBillable isfalseingestion isn't billed to your Azure account |
| _ResourceId | string | A unique identifier for the resource that the record is associated with |
| _SubscriptionId | string | A unique identifier for the subscription that the record is associated with |
| DestinationInfo | dynamic | Additional information about the export destination depending on ExportType. |
| ErrorDetails | string | Additional information when Status is 'Failure' / 'Timeout'. |
| ExportDuration | int | The total time, in milliseconds, taken to complete the export operation. |
| ExportedBy | string | The user who initiated the export operation (email address). |
| ExportId | string | A value that uniquely identifies the Export operation. |
| ExportType | string | Represents the export destination type. e.g. TAXII |
| ExternallyExportedId | string | The unique identifier of the exported object. |
| Id | string | A Sentinel internal unique identifier that identifies a STIX object and can be used with Sentinel APIs. |
| SourceSystem | string | The type of agent the event was collected by. For example,OpsManagerfor Windows agent, either direct connect or Operations Manager,Linuxfor all Linux agents, orAzurefor Azure Diagnostics |
| Status | string | Status of the export operation, possible values: 'Success', 'Failure', 'Timeout'. |
| StixId | string | A globally unique identifier that identifies a STIX object. |
| TenantId | string | The Log Analytics workspace ID |
| TimeExported | datetime | The time of export to destination (UTC). |
| TimeGenerated | datetime | The timestamp of when the log entry was generated (UTC). |
| Type | string | The name of the table |
This table is used by the following solutions:
This table is ingested by the following connectors:
| Connector | Selection Criteria |
|---|---|
| Threat intelligence - TAXII Export (Preview) |
This table collects data from the following Azure resource types:
microsoft.securityinsights/threatintelligenceBrowse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊