SnowflakeRoleGrant_CL

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊

Back to Tables Index

Attribute Value
Ingestion API Supported ✓ Yes

Contents

Schema (2 columns)

Source: KQL validation test schema

Column Name Type
Data string
TimeGenerated datetime

Solutions (1)

This table is used by the following solutions:

Connectors (1)

This table is ingested by the following connectors:

Connector Selection Criteria
Snowflake (via Codeless Connector Framework)

Content Items Using This Table (21)

Analytic Rules (10)

In solution Snowflake:

Analytic Rule Selection Criteria
Snowflake - Abnormal query process time
Snowflake - Multiple failed queries
Snowflake - Multiple login failures by user
Snowflake - Multiple login failures from single IP
Snowflake - Possible data destraction
Snowflake - Possible discovery activity
Snowflake - Possible privileges discovery activity
Snowflake - Query on sensitive or restricted table
Snowflake - Unusual query
Snowflake - User granted admin privileges

Hunting Queries (10)

In solution Snowflake:

Hunting Query Selection Criteria
Snowflake - Credit consuming queries
Snowflake - Deleted databases
Snowflake - Deleted tables
Snowflake - Failed logins
Snowflake - Privileged users' source IP addresses
Snowflake - Rarely used account
Snowflake - Rarely used privileged users
Snowflake - Time consuming queries
Snowflake - Unknown query type
Snowflake - Users' source IP addresses

Workbooks (1)

In solution Snowflake:

Workbook Selection Criteria
Snowflake

Parsers Using This Table (1)

Other Parsers (1)

Parser Solution Selection Criteria
Snowflake Snowflake

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊

Back to Tables Index