Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
Source: KQL validation test schema
| Column Name | Type |
|---|---|
| beacon_type | string |
| beacon_uid | string |
| duration | long |
| first_event_time | datetime |
| id_ip_ver | string |
| id_orig_h | string |
| id_orig_p | int |
| id_resp_h | string |
| id_resp_p | int |
| ja3 | string |
| last_event_time | datetime |
| local_orig | bool |
| local_resp | bool |
| orig_hostname | string |
| orig_huid | string |
| orig_ip_bytes | long |
| orig_sluid | string |
| proto | int |
| protoName | string |
| resp_domains | dynamic |
| resp_ip_bytes | long |
| resp_sluid | string |
| sensor_uid | string |
| service | string |
| session_count | long |
| TimeGenerated | datetime |
| ts | datetime |
| uid | string |
| Parser | Solution | Selection Criteria |
|---|---|---|
| vectra_match | Vectra AI Stream |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊