Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
| Attribute | Value |
|---|---|
| Custom Log V1 | Yes 🔶 — uses type-suffixed column names |
| Ingestion API Supported | ✓ Yes |
Source: KQL validation test schema
| Column Name | Type |
|---|---|
| alert_category_s | string |
| alert_rev_d | int |
| alert_severity_d | int |
| alert_signature_id_d | int |
| alert_signature_s | string |
| customer_id_s | string |
| dest_ip_s | string |
| dest_port_d | real |
| dst_ip_enrichments_annotations_applications_s | string |
| dst_ip_enrichments_annotations_environments_s | string |
| dst_ip_enrichments_annotations_locations_s | string |
| dst_ip_enrichments_annotations_owners_s | string |
| dst_ip_enrichments_annotations_roles_s | string |
| dst_ip_enrichments_annotations_tags_s | string |
| dst_ip_enrichments_asn_asn_d | int |
| dst_ip_enrichments_asn_asn_org_s | string |
| dst_ip_enrichments_asn_isp_s | string |
| dst_ip_enrichments_asn_org_s | string |
| dst_ip_enrichments_geo_city_s | string |
| dst_ip_enrichments_geo_country_s | string |
| dst_ip_enrichments_geo_location_lat_d | real |
| dst_ip_enrichments_geo_location_lon_d | real |
| dst_ip_enrichments_geo_subdivision_s | string |
| dst_ip_enrichments_internal_b | bool |
| event_type_s | string |
| geo_distance_d | real |
| http_hostname_enrichments_domain_enrichments_domain_entropy_d | real |
| http_hostname_enrichments_ip_enrichments_annotations_applications_s | string |
| http_hostname_enrichments_ip_enrichments_annotations_environments_s | string |
| http_hostname_enrichments_ip_enrichments_annotations_locations_s | string |
| http_hostname_enrichments_ip_enrichments_annotations_owners_s | string |
| http_hostname_enrichments_ip_enrichments_annotations_roles_s | string |
| http_hostname_enrichments_ip_enrichments_annotations_tags_s | string |
| http_hostname_enrichments_ip_enrichments_asn_asn_d | int |
| http_hostname_enrichments_ip_enrichments_asn_asn_org_s | string |
| http_hostname_enrichments_ip_enrichments_asn_isp_s | string |
| http_hostname_enrichments_ip_enrichments_asn_org_s | string |
| http_hostname_enrichments_ip_enrichments_geo_city_s | string |
| http_hostname_enrichments_ip_enrichments_geo_country_s | string |
| http_hostname_enrichments_ip_enrichments_geo_location_lat_d | real |
| http_hostname_enrichments_ip_enrichments_geo_location_lon_d | real |
| http_hostname_enrichments_ip_enrichments_geo_subdivision_s | string |
| http_hostname_enrichments_ip_enrichments_internal_b | bool |
| http_hostname_s | string |
| http_http_content_type_s | string |
| http_http_method_s | string |
| http_http_refer_s | string |
| http_http_user_agent_s | string |
| http_length_d | int |
| http_protocol_s | string |
| http_redirect_s | string |
| http_status_d | int |
| http_url_s | string |
| http_xtf_s | string |
| intel_s | string |
| payload_s | string |
| proto_s | string |
| sensor_id_s | string |
| source_s | string |
| src_ip_enrichments_annotations_applications_s | string |
| src_ip_enrichments_annotations_environments_s | string |
| src_ip_enrichments_annotations_locations_s | string |
| src_ip_enrichments_annotations_owners_s | string |
| src_ip_enrichments_annotations_roles_s | string |
| src_ip_enrichments_annotations_tags_s | string |
| src_ip_enrichments_asn_asn_d | int |
| src_ip_enrichments_asn_asn_org_s | string |
| src_ip_enrichments_asn_isp_s | string |
| src_ip_enrichments_asn_org_s | string |
| src_ip_enrichments_geo_city_s | string |
| src_ip_enrichments_geo_country_s | string |
| src_ip_enrichments_geo_location_lat_d | real |
| src_ip_enrichments_geo_location_lon_d | real |
| src_ip_enrichments_geo_subdivision_s | string |
| src_ip_enrichments_internal_b | bool |
| src_ip_s | string |
| src_port_d | real |
| TimeGenerated | datetime |
| timestamp_t | datetime |
| Type | string |
| uuid_g | string |
This table is used by the following solutions:
This table is ingested by the following connectors:
| Connector | Selection Criteria |
|---|---|
| Fortinet FortiNDR Cloud |
In solution Fortinet FortiNDR Cloud:
| Workbook | Selection Criteria |
|---|---|
| FortinetFortiNdrCloudWorkbook |
| Parser | Solution | Selection Criteria |
|---|---|---|
| Fortinet_FortiNDR_Cloud | Fortinet FortiNDR Cloud |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊