DarktraceIncidents_CL

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊

Back to Tables Index

Attribute Value
Ingestion API Supported ✓ Yes

Contents

Schema (30 columns)

Source: Data Collection Rule definition

Column Name Type
activityId string
aiaScore int
bestAssetName string
currentGroup string
customLabel string
darktraceProduct string
deviceHostname string
deviceIdentifier string
deviceIp string
deviceMac string
devices dynamic
deviceSubnet string
endTime datetime
externalId string
groupByActivity boolean
groupCategory string
groupingId string
groupPreviousGroups dynamic
groupScore int
incidentEventTime datetime
incidentEventTitle string
latitude real
longitude real
newEvent boolean
severity int
startTime datetime
summary string
summaryFirstSentence string
TimeGenerated datetime
url string

Schema References

Official Microsoft Learn documentation for field/column information:

Solutions (1)

This table is used by the following solutions:

Connectors (1)

This table is ingested by the following connectors:

Connector Selection Criteria
Darktrace ActiveAI Security Platform Connector

Content Items Using This Table (2)

Analytic Rules (1)

In solution Darktrace:

Analytic Rule Selection Criteria
Darktrace Incident Event

Workbooks (1)

In solution Darktrace:

Workbook Selection Criteria
DarktraceActiveAISecurityPlatformWorkbook

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊

Back to Tables Index