Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊
| Attribute | Value |
|---|---|
| Ingestion API Supported | ✓ Yes |
Source: Connector definition
| Column Name | Type | Description |
|---|---|---|
| Action | string | The type of change made, such as Create, update, or Delete. |
| After | string | The policy or setting after the change was made. |
| AuditType | string | Where the change was made, such as settings or a policy. |
| Before | string | The policy or setting before the change was made. |
| string | The email of the user that triggered the event. | |
| Id | string | Unique identifier for the admin audit event. |
| LoggedInFrom | string | The user's IP source. |
| TimeGenerated | datetime | |
| Timestamp | string | The date and time of the administrative change event, expressed as a UTC-formatted string. |
| User | string | The account name of the user who created the change. |
This table is used by the following solutions:
This table is ingested by the following connectors:
| Connector | Selection Criteria |
|---|---|
| Cisco Umbrella (via Codeless Connector Framework) | |
| Cisco Cloud Security | |
| Cisco Cloud Security (using elastic premium plan) |
GitHub Only:
In solution CiscoUmbrella:
In solution CiscoUmbrella:
| Workbook | Selection Criteria |
|---|---|
| CiscoUmbrella |
| Parser | Solution | Selection Criteria |
|---|---|---|
| Cisco_Umbrella | CiscoUmbrella |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊