Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
| Attribute | Value |
|---|---|
| Custom Log V1 | Yes 🔶 — uses type-suffixed column names |
| Ingestion API Supported | ✓ Yes |
Source: KQL validation test schema
| Column Name | Type |
|---|---|
| _ResourceId | string |
| actionType_s | string |
| activityType_s | string |
| anomalyName_s | string |
| anomalyType_s | string |
| appName_s | string |
| cloudType_s | string |
| Computer | string |
| contentName_s | string |
| contentUrl_s | string |
| currentCity_s | string |
| currentEventId_g | string |
| currentTimestamp_t | datetime |
| data_s | string |
| eventId_g | string |
| eventType_s | string |
| externalCollaborators_s | string |
| ManagementGroupName | string |
| Message | string |
| MG | string |
| policyName_s | string |
| previousCity_s | string |
| previousEventId_g | string |
| previousTimestamp_t | datetime |
| RawData | string |
| scanType_s | string |
| SourceSystem | string |
| status_s | string |
| statusCode_d | real |
| TenantId | string |
| TimeGenerated | datetime |
| timeStamp_t | datetime |
| Type | string |
| userEmail_s | string |
| violation_s | string |
This table is used by the following solutions:
This table is ingested by the following connectors:
| Connector | Selection Criteria |
|---|---|
| Lookout Cloud Security for Microsoft Sentinel |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊