Lookout_CL

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊

Back to Tables Index

Attribute Value
Custom Log V1 Yes 🔶 — uses type-suffixed column names
Ingestion API Supported ✓ Yes

Contents

Schema (35 columns)

Source: KQL validation test schema

Column Name Type
actor_id_g string
actor_type_s string
changeType_s string
details_action_s string
details_activationStatus_s string
details_applicationName_s string
details_assessments_s dynamic
details_attributeChanges_s dynamic
details_classifications_s dynamic
details_description_s string
details_fileName_s string
details_id_g string
details_packageName_s string
details_packageSha_s string
details_path_s string
details_pcpDeviceResponse_s string
details_pcpReportingReason_s string
details_protectionStatus_s string
details_securityStatus_s string
details_severity_s string
details_type_s string
eventTime_t datetime
id_s string
SourceSystem string
target_emailAddress_s string
target_id_g string
target_manufacturer_s string
target_model_s string
target_osVersion_s string
target_platform_s string
target_type_s string
TenantId string
TimeGenerated datetime
type_s string
updatedDetails_s dynamic

Solutions (1)

This table is used by the following solutions:

Connectors (1)

This table is ingested by the following connectors:

Connector Selection Criteria
[DEPRECATED] Lookout

Content Items Using This Table (1)

Analytic Rules (1)

In solution Lookout:

Analytic Rule Selection Criteria
Lookout - New Threat events found.

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊

Back to Tables Index