NetworkSummary_Protocol_CL

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊

↑ Back to Tables Index

---

Attribute	Value
Ingestion API Supported	✓ Yes

Contents

• Schema
• Solutions
• Content Items

Schema (9 columns)

Source: KQL validation test schema

Column Name	Type
count_	int
DstAppName	string
DstPortNumber	int
DvcAction	string
EventTime	datetime
NetworkDirection	string
NetworkProtocol	string
TimeGenerated	datetime
Type	string

Solutions (1)

This table is used by the following solutions:

• Network Session Essentials

---

Content Items Using This Table (6)

Analytic Rules (3)

In solution Network Session Essentials:

Analytic Rule	Selection Criteria
Anomaly found in Network Session Traffic (ASIM Network Session schema)
Detect port misuse by anomaly based detection (ASIM Network Session schema)
Detect port misuse by static threshold (ASIM Network Session schema)

Hunting Queries (2)

In solution Network Session Essentials:

Hunting Query	Selection Criteria
Detect port misuse by anomaly (ASIM Network Session schema)
Detect port misuse by static threshold (ASIM Network Session schema)

Workbooks (1)

In solution Network Session Essentials:

Workbook	Selection Criteria
NetworkSessionEssentialsV2

---

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊

↑ Back to Tables Index