Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
Reference for Heartbeat table in Azure Monitor Logs.
| Attribute | Value |
|---|---|
| Category | Endpoint |
| Basic Logs Eligible | ✗ No |
| Ingestion API Supported | ✗ No |
| Azure Monitor Tables Reference | View Documentation |
Source: Azure Monitor documentation
| Column Name | Type | Description |
|---|---|---|
| _BilledSize | real | The record size in bytes |
| _IsBillable | string | Specifies whether ingesting the data is billable. When _IsBillable isfalseingestion isn't billed to your Azure account |
| _ResourceId | string | A unique identifier for the resource that the record is associated with |
| _SubscriptionId | string | A unique identifier for the subscription that the record is associated with |
| Category | string | Value is Direct Agent SCOM Agent or SCOM Management Server. |
| Computer | string | Computer name |
| ComputerEnvironment | string | Environment that hosts the computer: Azure or Non-Azure |
| ComputerIP | string | IP address of the computer. Note that public IP is used |
| ComputerPrivateIPs | dynamic | The list of private IP addresses of the computer. |
| IsGatewayInstalled | bool | If Log Analytics gateway is installed value is true otherwise value is false. |
| ManagementGroupName | string | Name of Operations Manager management group. |
| OSMajorVersion | string | Operating system major version. |
| OSMinorVersion | string | Operating system minor version. |
| OSName | string | Name of OS. |
| OSType | string | Type of OS. Possible values are Windows or Linux. |
| RemoteIPCountry | string | Geographic location where computer is deployed. |
| RemoteIPLatitude | real | Latitude of computer's geographic location. |
| RemoteIPLongitude | real | Longitude of computer's geographic location. |
| Resource | string | Resource group name of the Azure resource running the agent. |
| ResourceGroup | string | Resource name of the Azure resource running the agent. |
| ResourceId | string | Resource ID of the Azure resource running the agent. Retained for for backward compatibility. _ResourceId should be used. |
| ResourceProvider | string | Resource provider of the Azure resource running the agent |
| ResourceType | string | Type of the Azure resource running the agent. Examples include virtualmachines or managedclusters. |
| SCAgentChannel | string | Specfies how agent is connected to workspace. Possible values are Direct or SCManagementServer. |
| Solutions | string | List of solutions deployed on the agent at the moment when Heartbeat was issued. |
| SourceSystem | string | The type of agent the event was collected by. For example,OpsManagerfor Windows agent, either direct connect or Operations Manager,Linuxfor all Linux agents, orAzurefor Azure Diagnostics |
| SubscriptionId | string | Subscription ID of the Azure resource running the agent |
| TimeGenerated | datetime | Date and time the record was created. |
| Type | string | The name of the table |
| Version | string | Version of the agent. |
| VMUUID | string | Unique identifier of the virtual machine. |
This table is used by the following solutions:
This table is ingested by the following connectors:
| Connector | Selection Criteria |
|---|---|
| Cisco ASA/FTD via AMA |
In solution MaturityModelForEventLogManagementM2131:
| Analytic Rule | Selection Criteria |
|---|---|
| M2131_AssetStoppedLogging |
Standalone Content:
| Analytic Rule | Selection Criteria |
|---|---|
| Missing Domain Controller Heartbeat | |
| OMI Vulnerability Exploitation |
In solution DORA Compliance:
| Workbook | Selection Criteria |
|---|---|
| DORACompliance |
In solution Forcepoint NGFW:
| Workbook | Selection Criteria |
|---|---|
| ForcepointNGFWAdvanced |
In solution HIPAA Compliance:
| Workbook | Selection Criteria |
|---|---|
| HIPAACompliance |
In solution MaturityModelForEventLogManagementM2131:
| Workbook | Selection Criteria |
|---|---|
| MaturityModelForEventLogManagement_M2131 |
In solution NISTSP80053:
| Workbook | Selection Criteria |
|---|---|
| NISTSP80053 |
In solution PCI DSS Compliance:
| Workbook | Selection Criteria |
|---|---|
| PCIDSSCompliance |
In solution SOX IT Compliance:
| Workbook | Selection Criteria |
|---|---|
| SOXITCompliance | |
| SOXITCompliance |
In solution VMware SASE:
| Workbook | Selection Criteria |
|---|---|
| VMwareSASESOCDashboard |
In solution Windows Firewall:
| Workbook | Selection Criteria |
|---|---|
| WindowsFirewall |
GitHub Only:
| Workbook | Selection Criteria |
|---|---|
| AMAmigrationTracker | |
| AzureLogCoverage | |
| DataCollectionHealthMonitoring | |
| Data_Latency_Workbook | |
| ForcepointNGFWAdvanced | |
| SentinelWorkspaceReconTools | |
| WindowsFirewall | |
| WorkspaceUsage |
This table collects data from the following Azure resource types:
microsoft.compute/virtualmachinesmicrosoft.containerservice/managedclustersmicrosoft.kubernetes/connectedclustersmicrosoft.conenctedvmwarevsphere/virtualmachinesmicrosoft.azurestackhci/virtualmachinesmicrosoft.scvmm/virtualmachinesmicrosoft.compute/virtualmachinescalesetsmicrosoft.hybridcontainerservice/provisionedclustersmicrosoft.automation/automationaccountsBrowse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊