| Attribute | Value |
|---|---|
| Ingestion API Supported | ✓ Yes |

Source: KQL validation test schema

| Column Name | Type |
|---|---|
| actionTaken | string |
| application | string |
| attackSource | string |
| attackTarget | string |
| bytesReceived | int |
| bytesSent | int |
| category | string |
| closeReason | string |
| destination | string |
| destinationIp | string |
| destinationPort | int |
| domainName | string |
| edgeLogicalId | string |
| edgeName | datetime |
| enterpriseLogicalId | string |
| extensionHeader | string |
| firewallPolicyName | string |
| idsAlert | int |
| inputInterface | datetime |
| ipsAlert | int |
| logType | string |
| protocol | int |
| ruleId | string |
| ruleVersion | int |
| segmentLogicalId | string |
| segmentName | string |
| sessionDurationSecs | int |
| sessionId | int |
| severity | int |
| signature | string |
| signatureId | int |
| sourceIp | string |
| sourcePort | int |
| TimeGenerated | datetime |
| timestamp | datetime |
| verdict | string |

This table is used by the following solutions:

In solution VMware SASE:

| Analytic Rule | Selection Criteria |
|---|---|
| VMware SD-WAN Edge - IDS/IPS Alert triggered (Search API) | |