ContrastADRIncidents_CL

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊

↑ Back to Tables Index

---

Attribute	Value
Ingestion API Supported	✓ Yes

Contents

• Schema
• Solutions
• Connectors
• Content Items
• Parsers

Schema (18 columns)

Source: Connector definition

Column Name	Type
alertReason	string
alertType	string
createdTime	datetime
eventType	string
incidentId	string
incidentName	string
organizationUuid	string
recommendedActions	dynamic
recommendedRunbooks	dynamic
relatedRules	dynamic
score	real
severity	string
source	string
status	string
summary	string
TimeGenerated	datetime
timestamp	string
url	string

Solutions (1)

This table is used by the following solutions:

• ContrastADR

Connectors (1)

This table is ingested by the following connectors:

Connector	Selection Criteria
Contrast ADR Push Connector

---

Content Items Using This Table (2)

Analytic Rules (2)

In solution ContrastADR:

Analytic Rule	Selection Criteria
Contrast ADR - EDR Alert Correlation
Contrast ADR - Security Incident Alert

Parsers Using This Table (1)

Other Parsers (1)

Parser	Solution	Selection Criteria
ContrastADR_Incident	ContrastADR

---

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊

↑ Back to Tables Index