Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
| Attribute | Value |
|---|---|
| Type | Workbook |
| Solution | ContinuousDiagnostics&Mitigation |
| Source | View on GitHub |
This content item queries data from the following tables:
| Table | Selection Criteria | Transformations | Ingestion API | Lake-Only |
|---|---|---|---|---|
AWSCloudTrail |
✓ | ✓ | ? | |
AWSVPCFlow |
✓ | ✓ | ? | |
AlertEvidence |
✓ | ✗ | ? | |
AuditLogs |
OperationName contains "PIM" |
✓ | ✗ | ? |
AzureActivity |
? | ✗ | ? | |
AzureDevOpsAuditing |
✓ | ✗ | ? | |
AzureDiagnostics 🔶 |
Category in "NetworkSecurityGroupEvent,kube-audit"Category contains "SQL"ResourceProvider == "MICROSOFT.KEYVAULT"ResourceType in "APPLICATIONGATEWAYS,AZUREFIREWALLS,CDNWEBAPPLICATIONFIREWALLPOLICIES,FRONTDOORS,PROFILES,PUBLICIPADDRESSES" |
? | ✗ | ? |
CarbonBlack_Alerts_CL |
? | ✓ | ? | |
CommonSecurityLog |
✓ | ✓ | ? | |
ConfigurationData |
✓ | ✗ | ? | |
DeviceEvents |
✓ | ✗ | ? | |
DeviceFileEvents |
✓ | ✗ | ? | |
DeviceLogonEvents |
✓ | ✗ | ? | |
DnsEvents |
✓ | ✗ | ? | |
Dynamics365Activity |
✓ | ✗ | ? | |
GCP_IAM_CL 🔶 |
? | ✓ | ? | |
GitHubAuditLogPolling_CL |
? | ✓ | ? | |
IdentityInfo |
✓ | ✗ | ? | |
InformationProtectionLogs_CL 🔶 |
? | ✓ | ? | |
OfficeActivity |
✓ | ✗ | ? | |
QualysHostDetectionV3_CL |
? | ✓ | ? | |
SecurityAlert |
✓ | ✗ | ? | |
SecurityBaseline |
✓ | ✗ | ? | |
SecurityEvent |
✓ | ✓ | ? | |
SecurityIncident |
✓ | ✗ | ? | |
SecurityNestedRecommendation |
✓ | ✗ | ? | |
SecurityRecommendation |
✓ | ✗ | ? | |
SigninLogs |
✓ | ✗ | ? | |
StorageBlobLogs |
✓ | ✗ | ? | |
Syslog |
✓ | ✓ | ? | |
ThreatIntelligenceIndicator |
✓ | ✓ | ? | |
WindowsFirewall |
✓ | ✗ | ? |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
↑ Back to Workbooks · Back to ContinuousDiagnostics&Mitigation