Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
Reference for Usage table in Azure Monitor Logs.
| Attribute | Value |
|---|---|
| Category | Azure Monitor |
| Basic Logs Eligible | ✗ No |
| Ingestion API Supported | ✗ No |
| Azure Monitor Tables Reference | View Documentation |
Source: Azure Monitor documentation
| Column Name | Type | Description |
|---|---|---|
| _BilledSize | real | The record size in bytes |
| _IsBillable | string | Specifies whether ingesting the data is billable. When _IsBillable isfalseingestion isn't billed to your Azure account |
| AvgLatencyInSeconds | real | Deprecated |
| BatchesCapped | long | Deprecated |
| BatchesOutsideSla | long | Deprecated |
| BatchesWithinSla | long | Deprecated |
| Computer | string | Deprecated |
| DataType | string | Table that usage is being reported about. |
| EndTime | datetime | End time of the one hour aggregation window. |
| IsBillable | bool | Logical flag to indicate whether we bill for this data record. |
| LinkedMeterId | string | Deprecated |
| LinkedResourceUri | string | Deprecated |
| MeterId | string | GUID of the meter used for billing. |
| Quantity | real | Size of data in Mbytes. |
| QuantityUnit | string | Value is alwais Mbytes. |
| ResourceUri | string | The URI of the workspace. This will be same for all records in this table in workspace. |
| Solution | string | Solution about which usage is being reported. |
| SourceSystem | string | The type of agent the event was collected by. For example,OpsManagerfor Windows agent, either direct connect or Operations Manager,Linuxfor all Linux agents, orAzurefor Azure Diagnostics |
| StartTime | datetime | Start time of the 1 hour aggregation window (same as TimeGenerated). |
| TimeGenerated | datetime | Date and time the record was created. |
| TotalBatches | long | Deprecated |
| Type | string | The name of the table |
This table is used by the following solutions:
In solution MaturityModelForEventLogManagementM2131:
| Analytic Rule | Selection Criteria |
|---|---|
| M2131_RecommendedDatatableUnhealthy |
In solution MaturityModelForEventLogManagementM2131:
| Hunting Query | Selection Criteria |
|---|---|
| M2131_RecommendedDatatableNotLogged_EL0 | |
| M2131_RecommendedDatatableNotLogged_EL1 | |
| M2131_RecommendedDatatableNotLogged_EL2 | |
| M2131_RecommendedDatatableNotLogged_EL3 |
In solution Corelight:
| Workbook | Selection Criteria |
|---|---|
| Corelight_Sensor_Overview |
In solution CybersecurityMaturityModelCertification(CMMC)2.0:
| Workbook | Selection Criteria |
|---|---|
| CybersecurityMaturityModelCertification_CMMCV2 |
In solution MaturityModelForEventLogManagementM2131:
| Workbook | Selection Criteria |
|---|---|
| MaturityModelForEventLogManagement_M2131 |
In solution NISTSP80053:
| Workbook | Selection Criteria |
|---|---|
| NISTSP80053 |
In solution SOC Handbook:
| Workbook | Selection Criteria |
|---|---|
| AzureSentinelCost | |
| InvestigationInsights | |
| MITREAttack |
In solution SOC-Process-Framework:
| Workbook | Selection Criteria |
|---|---|
| SOCProcessFramework |
In solution ThreatAnalysis&Response:
| Workbook | Selection Criteria |
|---|---|
| ThreatAnalysis&Response |
In solution ZeroTrust(TIC3.0):
| Workbook | Selection Criteria |
|---|---|
| ZeroTrustTIC3 |
GitHub Only:
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊