Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
Reference for SecurityIoTRawEvent table in Azure Monitor Logs.
| Attribute | Value |
|---|---|
| Category | Security |
| Basic Logs Eligible | ✗ No (source) |
| Supports Transformations | ✓ Yes (source) |
| Ingestion API Supported | ✗ No |
| Azure Monitor Tables Reference | View Documentation |
Source: Azure Monitor documentation
| Column Name | Type | Description |
|---|---|---|
| _BilledSize | real | The record size in bytes |
| _IsBillable | string | Specifies whether ingesting the data is billable. When _IsBillable isfalseingestion isn't billed to your Azure account |
| AgentVersion | string | The version of the agent. |
| AssociatedResourceId | string | The associated Azure resource ID. |
| AzureSubscriptionId | string | The Azure subscription ID. |
| DeviceId | string | The device ID. |
| EventDetails | string | Additional raw event details. |
| IoTRawEventId | string | The internal raw event ID. |
| IsEmpty | bool | Property identifying if the raw event contains data. |
| RawEventCategory | string | The category of the raw event - periodic or triggered. |
| RawEventName | string | The name of the raw event. |
| RawEventType | string | The type of the raw event - security, operational or diagnostic. |
| TimeGenerated | datetime | The date and time the raw event was generated. |
| TimeStamp | datetime | The date and time the raw event was first detected. |
| Type | string | The name of the table |
| Parser | Schema | Product | Selection Criteria |
|---|---|---|---|
| ASimAuthenticationMD4IoT | Authentication | Microsoft Defender for IoT | |
| ASimNetworkSessionMD4IoTAgent | NetworkSession | Microsoft Defender for IoT | |
| ASimProcessEventMD4IoT | ProcessEvent | Microsoft Defender for IoT |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊