DetectionAlerts_CL



| Attribute | Value |
|---|---|
| Ingestion API Supported | ✓ Yes |

Schema (20 columns)

Source: KQL validation test schema

| Column Name | Type |
|---|---|
| _ResourceId | string |
| collectionElements | dynamic |
| createdTime | datetime |
| detection | dynamic |
| detectionTime | datetime |
| detectionTimingDetails | dynamic |
| DetectionType | string |
| id | string |
| latencyMetrics | dynamic |
| latencyMetrics_ingestionLatency | string |
| latencyMetrics_newestEventTime | datetime |
| latencyMetrics_newestIngestionTime | datetime |
| latencyMetrics_oldestEventTime | datetime |
| latencyMetrics_oldestIngestionTime | datetime |
| TenantId | string |
| TimeGenerated | datetime |
| timeWindow | dynamic |
| timeWindow_endTime | datetime |
| timeWindow_startTime | datetime |
| Type | string |

Solutions (1)

This table is used by the following solutions:

Connectors (1)

This table is ingested by the following connectors:

| Connector | Selection Criteria |
|---|---|
| Google SecOps Detection Alerts | |

Content Items Using This Table (4)

Analytic Rules (4)

In solution GoogleSecOps:

| Analytic Rule | Selection Criteria |
|---|---|
| Google SecOps - Detection Alerts | |
| Google SecOps - GCTI Threat Intelligence Finding | |
| Google SecOps - Multi-Event Correlated Alert | |
| Google SecOps - Single-Event Alert | |

Parsers Using This Table (1)

Other Parsers (1)

| Parser | Solution | Selection Criteria |
|---|---|---|
| GoogleSecOpsDetectionAlerts | GoogleSecOps | |
