| Attribute | Value |
|---|---|
| Custom Log V1 | Yes 🔶 — uses type-suffixed column names |
| Ingestion API Supported | ✓ Yes |

Source: KQL validation test schema

| Column Name | Type |
|---|---|
| alert_type_s | string |
| asset_entity_group_id_d | real |
| asset_entity_group_name_s | string |
| asset_id_d | real |
| asset_image_s | string |
| asset_labels_s | string |
| asset_name_s | string |
| asset_term_s | string |
| assignee_s | string |
| business_network_s | string |
| content_created_at_t | datetime |
| darkweb_term_s | string |
| entered_by_s | string |
| entity_account_s | string |
| entity_email_receiver_id_s | string |
| entity_entity_group_id_d | real |
| entity_entity_group_name_s | string |
| entity_id_d | real |
| entity_image_s | string |
| entity_labels_s | string |
| entity_name_s | string |
| entity_term_s | string |
| escalated_b | bool |
| id_d | real |
| last_modified_t | datetime |
| logs_s | string |
| metadata_s | string |
| network_s | string |
| notes_s | string |
| offending_content_url_s | string |
| perpetrator_content_s | string |
| perpetrator_display_name_s | string |
| perpetrator_id_d | real |
| perpetrator_name_s | string |
| perpetrator_network_s | string |
| perpetrator_timestamp_t | datetime |
| perpetrator_type_s | string |
| perpetrator_url_s | string |
| protected_locations_s | string |
| protected_social_object_s | string |
| reviewed_b | bool |
| reviews_s | string |
| rule_group_id_d | real |
| rule_id_d | real |
| rule_name_s | string |
| Severity | real |
| status_s | string |
| tags_s | string |
| TimeGenerated | datetime |
| timestamp_t | datetime |

This table is used by the following solutions:

This table is ingested by the following connectors:

| Connector | Selection Criteria |
|---|---|
| ZeroFox Enterprise - Alerts (Polling CCF) | |

In solution ZeroFox:

| Analytic Rule | Selection Criteria |
|---|---|
| ZeroFox Alerts - High Severity Alerts | |
| ZeroFox Alerts - Informational Severity Alerts | |
| ZeroFox Alerts - Low Severity Alerts | |
| ZeroFox Alerts - Medium Severity Alerts | |