Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
| Attribute | Value |
|---|---|
| Ingestion API Supported | ✓ Yes |
Source: KQL validation test schema
| Column Name | Type |
|---|---|
| cipher_alg | string |
| client | string |
| compression_alg | string |
| hassh | string |
| hasshServer | string |
| host_key | string |
| host_key_alg | string |
| id_ip_ver | string |
| id_orig_h | string |
| id_orig_p | int |
| id_resp_h | string |
| id_resp_p | int |
| kex_alg | string |
| local_orig | bool |
| local_resp | bool |
| mac_alg | string |
| orig_hostname | string |
| orig_huid | string |
| orig_sluid | string |
| resp_hostname | string |
| resp_huid | string |
| resp_sluid | string |
| sensor_uid | string |
| server | string |
| TimeGenerated | datetime |
| ts | datetime |
| uid | string |
| version | int |
This table is used by the following solutions:
This table is ingested by the following connectors:
| Connector | Selection Criteria |
|---|---|
| [Recommended] Vectra AI Stream via AMA |
| Parser | Solution | Selection Criteria |
|---|---|---|
| vectra_ssh | Vectra AI Stream |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊