NGINX_CL


Attribute Value
Ingestion API Supported ✓ Yes

Schema (2 columns)

Source: KQL validation test schema

Column Name Type
RawData string
TimeGenerated datetime

Solutions (2)

This table is used by the following solutions:

Connectors (2)

This table is ingested by the following connectors:

Connector Selection Criteria
Custom logs via AMA
[Deprecated] NGINX HTTP Server

Content Items Using This Table (21)

Analytic Rules (10)

In solution NGINX HTTP Server:

Analytic Rule Selection Criteria
NGINX - Command in URI
NGINX - Core Dump
NGINX - Known malicious user agent
NGINX - Multiple client errors from single IP address
NGINX - Multiple server errors from single IP address
NGINX - Multiple user agents for single source
NGINX - Private IP address in URL
NGINX - Put file and get file from same IP address
NGINX - Request to sensitive files
NGINX - Sql injection patterns

Hunting Queries (10)

In solution NGINX HTTP Server:

Hunting Query Selection Criteria
NGINX - Abnormal request size
NGINX - Rare URLs requested
NGINX - Rare files requested
NGINX - Requests from bots and crawlers
NGINX - Requests to unexisting files
NGINX - Top URLs client errors
NGINX - Top URLs server errors
NGINX - Top files requested
NGINX - Top files with error requests
NGINX - Uncommon user agent strings

Workbooks (1)

In solution NGINX HTTP Server:

Workbook Selection Criteria
NGINX

Parsers Using This Table (1)

Other Parsers (1)

Parser Solution Selection Criteria
NGINXHTTPServer NGINX HTTP Server
