Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
| Attribute | Value |
|---|---|
| Custom Log V1 | Yes 🔶 — uses type-suffixed column names |
| Ingestion API Supported | ✓ Yes |
Source: KQL validation test schema
| Column Name | Type |
|---|---|
| _ItemId | string |
| _ResourceId | string |
| clientIp | string |
| clientIp_s | string |
| Computer | string |
| description | string |
| description_s | string |
| eventId | string |
| eventId_g | string |
| eventTime | real |
| eventTime_d | real |
| flagged | bool |
| flagged_b | bool |
| loginName_s | string |
| ManagementGroupName | string |
| MG | string |
| orgName | string |
| orgName_s | string |
| RawData | string |
| requestUrl | string |
| requestUrl_s | string |
| SourceSystem | string |
| TenantId | string |
| TimeGenerated | datetime |
| Type | string |
| verbose | bool |
| verbose_b | bool |
This table is used by the following solutions:
This table is ingested by the following connectors:
| Connector | Selection Criteria |
|---|---|
| [DEPRECATED] VMware Carbon Black Cloud (using Azure Function) |
| Parser | Schema | Product | Selection Criteria |
|---|---|---|---|
| ASimAuditEventVMwareCarbonBlackCloud | AuditEvent | VMware Carbon Black Cloud | |
| ASimAuthenticationVMwareCarbonBlackCloud | Authentication | VMware Carbon Black Cloud |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊