Illumio_Auditable_Events_CL

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊

Back to Tables Index

Attribute Value
Ingestion API Supported ✓ Yes

Contents

Schema (13 columns)

Source: KQL validation test schema

Column Name Type
_ItemId string
action dynamic
created_by dynamic
event_type string
href string
notifications dynamic
pce_fqdn string
resource_changes dynamic
severity string
status string
TenantId string
TimeGenerated datetime
version int

Solutions (1)

This table is used by the following solutions:

Connectors (1)

This table is ingested by the following connectors:

Connector Selection Criteria
Illumio SaaS

Content Items Using This Table (7)

Analytic Rules (6)

In solution IllumioSaaS:

Analytic Rule Selection Criteria
Illumio Enforcement Change Analytic Rule
Illumio Firewall Tampering Analytic Rule
Illumio VEN Clone Detection Rule
Illumio VEN Deactivated Detection Rule
Illumio VEN Offline Detection Rule
Illumio VEN Suspend Detection Rule

Workbooks (1)

In solution IllumioSaaS:

Workbook Selection Criteria
IllumioAuditableEvents

Parsers Using This Table (2)

ASIM Parsers (2)

Parser Schema Product Selection Criteria
ASimAuditEventIllumioSaaSCore AuditEvent Illumio Core
ASimAuthenticationIllumioSaaSCore Authentication Illumio

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊

Back to Tables Index