Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
| Attribute | Value |
|---|---|
| Ingestion API Supported | ✓ Yes |
Source: KQL validation test schema
| Column Name | Type |
|---|---|
| access_method | string |
| acting_user | string |
| activity | string |
| app | string |
| app_sessionid | string |
| assignee | string |
| bcc | string |
| cc | string |
| channel | string |
| classification | string |
| connectionid | string |
| destination_app | string |
| destination_instance_id | string |
| dlp_file | string |
| dlp_incidentid | string |
| dlp_match_info | dynamic |
| dlp_parentid | string |
| dst_location | string |
| exposure | string |
| file_lang | string |
| file_path | string |
| file_size | int |
| file_type | string |
| from_user | string |
| inline_dlp_match_info | dynamic |
| instance | string |
| instance_id | string |
| latest_incidentid | string |
| md5 | string |
| object | string |
| object_type | string |
| original_file_snapshot_id | string |
| owner | string |
| owner_pdl | string |
| referer | string |
| severity | string |
| site | string |
| src_location | string |
| status | string |
| TimeGenerated | datetime |
| timestamp | int |
| title_s | string |
| to_user | string |
| true_obj_category | string |
| true_obj_type | string |
| url | string |
| user | string |
| user_id | string |
| zip_file_id | string |
This table is used by the following solutions:
This table is ingested by the following connectors:
| Connector | Selection Criteria |
|---|---|
| Netskope Alerts and Events (via Codeless Connector Framework) |
| Parser | Solution | Selection Criteria |
|---|---|---|
| NetskopeEventsDLP | Netskopev2 |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊