Pathlock TDnR - Database Cockpit Audit Events

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊

↑ Back to Content Index

Detects security-relevant events from the SAP Database Administration Cockpit (DBACOCKPIT), forwarded by Pathlock Threat Detection and Response. Suspicious DBACOCKPIT activity may indicate unauthorized direct database access, privilege escalation, or attempts to bypass SAP application controls.

Attribute	Value
Type	Analytic Rule
Solution	Pathlock_TDnR
ID	`2a3b4c5d-6e7f-4a0b-8c1d-2e3f4a5b6c23`
Severity	Medium
Status	Available
Kind	Scheduled
Tactics	Discovery, PrivilegeEscalation
Techniques	T1082, T1548
Required Connectors	Pathlock_TDnR
Source	View on GitHub

Tables Used

This content item queries data from the following tables:

Table	Transformations	Ingestion API	Lake-Only
`Pathlock_TDnR_CL`	?	✓	?

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊

↑ Back to Analytic Rules · Back to Pathlock_TDnR