Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
| Attribute | Value |
|---|---|
| Type | Workbook |
| Solution | AzureSecurityBenchmark |
| Source | View on GitHub |
This content item queries data from the following tables:
| Table | Selection Criteria | Transformations | Ingestion API | Lake-Only |
|---|---|---|---|---|
AADManagedIdentitySignInLogs |
✓ | ✗ | ? | |
AADNonInteractiveUserSignInLogs |
✓ | ✗ | ? | |
AADServicePrincipalSignInLogs |
✓ | ✗ | ? | |
AADUserRiskEvents |
✓ | ✗ | ? | |
AuditLogs |
OperationName in "Add member to role,Add user,AzureFirewallIDSLog,NetworkSecurityGroupEvents,Reset user password,Update user"OperationName contains "PIM"OperationName contains "create"OperationName contains "delete"OperationName contains "lockbox"OperationName contains "remove"OperationName contains "update" |
✓ | ✗ | ? |
AzureActivity |
? | ✗ | ? | |
AzureDevOpsAuditing |
✓ | ✗ | ? | |
AzureDiagnostics 🔶 |
Category in "All,AzureFirewallNetworkRule,NetworkSecurityGroupRuleCounter"ResourceProvider == "MICROSOFT.KEYVAULT"ResourceType == "AZUREFIREWALLS" |
? | ✗ | ? |
BehaviorAnalytics |
✓ | ✗ | ? | |
Event |
✓ | ✓ | ? | |
GitHubAuditLogPolling_CL |
? | ✓ | ? | |
IdentityInfo |
✓ | ✗ | ? | |
InformationProtectionLogs_CL 🔶 |
? | ✓ | ? | |
ProtectionStatus |
✓ | ✗ | ? | |
SecurityAlert |
✓ | ✗ | ? | |
SecurityBaseline |
✓ | ✗ | ? | |
SecurityEvent |
EventID in "2889,3000,4624,4768,4769,4776" |
✓ | ✓ | ? |
SecurityIncident |
✓ | ✗ | ? | |
SecurityNestedRecommendation |
✓ | ✗ | ? | |
SecurityRegulatoryCompliance |
✓ | ✗ | ? | |
SigninLogs |
✓ | ✗ | ? |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊