Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
| Attribute | Value |
|---|---|
| Ingestion API Supported | ✓ Yes |
Source: KQL validation test schema
| Column Name | Type |
|---|---|
| actor | dynamic |
| audit | dynamic |
| audit_attribute_changes | dynamic |
| change_type | string |
| client_lookout_sdk_version | string |
| client_ota_version | string |
| client_package_name | string |
| client_package_version | string |
| device | dynamic |
| device_activated_at | datetime |
| device_activation_status | string |
| device_checkin_time | datetime |
| device_customer_id | string |
| device_deactivated_at | datetime |
| device_group_guid | string |
| device_permissions | dynamic |
| device_settings | dynamic |
| device_vulns | dynamic |
| enterprise_guid | string |
| event_type | string |
| id | string |
| log_type | string |
| mdm_connector_id | string |
| mdm_connector_uuid | string |
| mdm_external_id | string |
| risky_config | dynamic |
| smishing_alert | dynamic |
| smishing_detections | dynamic |
| target | dynamic |
| threat | dynamic |
| TimeGenerated | datetime |
This table is used by the following solutions:
This table is ingested by the following connectors:
| Connector | Selection Criteria |
|---|---|
| Lookout Mobile Threat Detection Connector (via Codeless Connector Framework) (Preview) |
In solution Lookout:
In solution Lookout:
| Hunting Query | Selection Criteria |
|---|---|
| Lookout Advanced Threat Hunting - Multi-Vector Attacks |
In solution Lookout:
| Workbook | Selection Criteria |
|---|---|
| LookoutEvents | |
| LookoutEventsV2 | |
| LookoutExecutiveDashboard | |
| LookoutIOAInvestigationDashboard | |
| LookoutSecurityInvestigationDashboard |
| Parser | Solution | Selection Criteria |
|---|---|---|
| LookoutEvents | Lookout |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊