Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊
Reference for Operation table in Azure Monitor Logs.
| Attribute | Value |
|---|---|
| Category | Azure Monitor |
| Basic Logs Eligible | ✗ No |
| Ingestion API Supported | ✗ No |
| Azure Monitor Tables Reference | View Documentation |
Source: Azure Monitor documentation
| Column Name | Type | Description |
|---|---|---|
| _BilledSize | real | The record size in bytes |
| _IsBillable | string | Specifies whether ingesting the data is billable. When _IsBillable is false ingestion isn't billed to your Azure account |
| _ResourceId | string | A unique identifier for the resource that the record is associated with |
| _SubscriptionId | string | A unique identifier for the subscription that the record is associated with |
| Computer | string | Name of a physical or virtual machine having membership with Log Analytics agent. |
| CorrelationId | string | GUID that is shared with telemetry belonging to the same uber action. |
| Detail | string | User friendly string that describes further details about the operation |
| ErrorId | string | Deprecated. |
| HelpLink | string | Reference URL for additional contextual information. |
| ManagementGroupName | string | Name of the Operations Manager management group for System Center Operations Manager agents. |
| OperationCategory | string | Name of the area that produced the record. |
| OperationKey | string | Operation ID. Can be a GUID or string. |
| OperationStatus | string | Operation status description. Ccommon values include Warning Succeeded Failed Error. |
| Solution | string | Name of the managed solution that produced the record. Can also include other sources such as RestAPI. |
| SourceComputerId | string | Unique GUID identifier for a computer. |
| SourceSystem | string | The type of agent the event was collected by. For example, OpsManager for Windows agent, either direct connect or Operations Manager, Linux for all Linux agents, or Azure for Azure Diagnostics |
| TimeGenerated | datetime | Date and time that the record was created. |
| Type | string | The name of the table |
This table is used by the following solutions:
In solution Azure SQL Database solution for sentinel:
| Workbook | Selection Criteria |
|---|---|
| Workbook-AzureSQLSecurity |
In solution DPDP Compliance:
| Workbook | Selection Criteria |
|---|---|
| DPDPCompliance |
In solution GDPR Compliance & Data Security:
| Workbook | Selection Criteria |
|---|---|
| GDPRComplianceAndDataSecurity |
In solution Global Secure Access:
| Workbook | Selection Criteria |
|---|---|
| GSAM365EnrichedEvents |
In solution MaturityModelForEventLogManagementM2131:
| Workbook | Selection Criteria |
|---|---|
| MaturityModelForEventLogManagement_M2131 |
In solution Microsoft 365:
| Workbook | Selection Criteria |
|---|---|
| ExchangeOnline | |
| Office365 | |
| SharePointAndOneDrive |
In solution MicrosoftPurviewInsiderRiskManagement:
| Workbook | Selection Criteria |
|---|---|
| InsiderRiskManagement | |
| InsiderRiskManagement |
In solution NISTSP80053:
| Workbook | Selection Criteria |
|---|---|
| NISTSP80053 |
In solution SOC Handbook:
| Workbook | Selection Criteria |
|---|---|
| InvestigationInsights |
In solution SOX IT Compliance:
| Workbook | Selection Criteria |
|---|---|
| SOXITCompliance |
In solution ZeroTrust(TIC3.0):
| Workbook | Selection Criteria |
|---|---|
| ZeroTrustTIC3 |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊