Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
| Attribute | Value |
|---|---|
| Custom Log V1 | Yes 🔶 — uses type-suffixed column names |
| Ingestion API Supported | ✓ Yes |
Source: KQL validation test schema
| Column Name | Type |
|---|---|
| _ResourceId | string |
| Computer | string |
| EventModifier_s | string |
| EventName_s | string |
| EventReceivedTime_t | datetime |
| EventTime_s | string |
| EventType_s | string |
| Identity_CDHash_s | string |
| Identity_s | string |
| Identity_SignerId_s | string |
| Identity_SignerIdTruncated_s | string |
| Identity_SignerType_s | string |
| Identity_TeamId_s | string |
| Identity_TeamIdTruncated_s | string |
| ManagementGroupName | string |
| MG | string |
| RawData | string |
| ReturnErrno_s | string |
| ReturnRetval_s | string |
| SourceModuleName_s | string |
| SourceModuleType_s | string |
| SourceSystem | string |
| SubjectAuditID_s | string |
| SubjectGID_s | string |
| SubjectPID_s | string |
| SubjectRealGID_s | string |
| SubjectRealUID_s | string |
| SubjectSID_s | string |
| SubjectTerminal_Host_s | string |
| SubjectTerminal_Port_s | string |
| SubjectTerminal_s | string |
| SubjectUID_s | string |
| TenantId | string |
| Text_s | string |
| TimeGenerated | datetime |
| TokenVersion_s | string |
| TrailerCount_s | string |
| Type | string |
This table is used by the following solutions:
This table is ingested by the following connectors:
| Connector | Selection Criteria |
|---|---|
| NXLog BSM macOS |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊