| Attribute | Value |
|---|---|
| Category | Crowdstrike |
| Ingestion API Supported | ✓ Yes |
Source: Connector definition
| Column Name | Type | Description |
|---|---|---|
| AdditionalFields | dynamic | |
| aid | string | |
| aip | string | |
| AuthenticationId | string | |
| AuthenticationIdMac | string | |
| AuthenticationPackage | string | |
| AuthenticationUuid | string | |
| AuthenticationUuidAsString | string | |
| BoundingLimitCount | long | |
| BoundingLimitDuration | string | |
| cid | string | |
| ClientComputerName | string | |
| ConfigBuild | string | |
| ConfigStateHash | string | |
| ConfigStateHashA1 | string | |
| ContextProcessId | string | |
| ContextThreadId | string | |
| ContextTimeStamp | real | |
| CrowdStrikeId | string | |
| EffectiveTransmissionClass | string | |
| EnabledPrivilegesBitmask | string | |
| Entitlements | string | |
| EtwRawProcessId | string | |
| EtwRawThreadId | long | |
| event_platform | string | |
| event_simpleName | string | |
| EventOrigin | string | |
| LinkedAuthenticationId | string | |
| LocalSession | string | |
| LoginSessionId | string | |
| LogoffTime | real | |
| LogonDomain | string | |
| LogonId | string | |
| LogonServer | string | |
| LogonTime | real | |
| LogonType | string | |
| name | string | |
| OciContainerId | string | |
| PasswordLastSet | string | |
| PrivilegesBitmask | string | |
| RawProcessId | string | |
| RemoteAccount | string | |
| RemoteAddressIP4 | string | |
| RemoteAddressIP6 | string | |
| ResendToCloud | string | |
| SessionId | string | |
| Status | string | |
| SubStatus | string | |
| TargetProcessId | string | |
| TimeGenerated | datetime | The timestamp (UTC) at which the event was generated. |
| timestamp | long | |
| TreeId | string | |
| UID | string | |
| UserCanonical | string | |
| UserFlags | string | |
| UserGroupsBitmask | string | |
| UserIsAdmin | string | |
| UserLogoffType | string | |
| UserLogonFlags | string | |
| UserName | string | |
| UserPrincipal | string | |
| UserSid | string | |
This table is used by the following solutions:
This table is ingested by the following connectors:
| Connector | Selection Criteria |
|---|---|
| CrowdStrike Falcon Data Replicator (AWS S3) (via Codeless Connector Framework) | |