Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
| Attribute | Value |
|---|---|
| Category | Crowdstrike |
| Ingestion API Supported | ✓ Yes |
Source: Connector definition
| Column Name | Type | Description |
|---|---|---|
| AdditionalFields | dynamic | |
| aid | string | |
| aip | string | |
| BoundingLimitCount | long | |
| BoundingLimitDuration | string | |
| cid | string | |
| ConfigBuild | string | |
| ConfigStateHash | string | |
| ContextProcessId | string | |
| ContextThreadId | string | |
| ContextTimeStamp | real | |
| CrowdStrikeId | string | |
| DomainSid | string | |
| EffectiveTransmissionClass | string | |
| Entitlements | string | |
| event_platform | string | |
| event_simpleName | string | |
| GroupRid | string | |
| InterfaceGuid | string | |
| InterfaceVersion | string | |
| name | string | |
| OciContainerId | string | |
| RpcClientProcessId | string | |
| RpcClientThreadId | string | |
| RpcNestingLevel | string | |
| RpcOpNum | string | |
| TimeGenerated | datetime | The timestamp (UTC) reflecting the time in which the event was generated. |
| timestamp | long | |
| TreeId | string | |
| UserName | string | |
| UserRid | string |
This table is used by the following solutions:
This table is ingested by the following connectors:
| Connector | Selection Criteria |
|---|---|
| CrowdStrike Falcon Data Replicator (AWS S3) (via Codeless Connector Framework) |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊