Azure
/
Azure-Sentinel
зеркало из
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

Update ASimTester.csv

This commit is contained in:
Ofer Shezaf 2022-05-12 08:35:54 +03:00 коммит произвёл GitHub
Родитель 10377921b3
Коммит b4630954ad
Не найден ключ, соответствующий данной подписи
Идентификатор ключа GPG: 4AEE18F83AFDEB23
1 изменённых файлов: 9 добавлений и 7 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

16
ASIM/dev/ASimTester/ASimTester.csv
Просмотреть файл

@ -1,10 +1,11 @@
ColumnName,ColumnType,Class,Schema,LogicalType,ListOfValues,Aliased
_ResourceId,string,Recommended,NetworkSession,,,
TimeGenerated,datetime,Optional,NetworkSession,,,
Type,string,Recommended,NetworkSession,,,
EventMessage,string,Optional,NetworkSession,,,
EventCount,int,Mandatory,NetworkSession,,,
EventStartTime,datetime,Mandatory,NetworkSession,,,
EventEndTime,datetime,Alias,NetworkSession,,,TimeGenerated
EventEndTime,datetime,Mandatory,NetworkSession,,,
EventType,string,Mandatory,NetworkSession,Enumerated,NetworkSession,NetworkSession|EndpointNetworkSession|Flow
EventSubType,string,Optional,NetworkSession,Enumerated,Start|End|,
EventResult,string,Mandatory,NetworkSession,Enumerated,Success|Partial|Failure|NA,
@ -184,7 +185,7 @@ DvcDescription,string,Optional,Dns,,,
SrcDescription,string,Optional,Dns,,,
DstDescription,string,Optional,Dns,,,
EventCount,int,Mandatory,Dns,,,
EventEndTime,datetime,Alias,Dns,,,TimeGenerated
EventEndTime,datetime,Mandatory,Dns,,,
EventMessage,string,Optional,Dns,,,
EventOriginalType,string,Optional,Dns,,,
EventOriginalSubType,string,Optional,Dns,,,
@ -242,11 +243,12 @@ Type,string,Recommended,Dns,,,
UrlCategory,string,Optional,Dns,,,
User,string,Alias,Dns,Username,,SrcUsername
_ResourceId,string,Recommended,WebSession,,,
TimeGenerated,datetime,Optional,WebSession,,,
Type,string,Recommended,WebSession,,,
EventMessage,string,Optional,WebSession,,,
EventCount,int,Mandatory,WebSession,,,
EventStartTime,datetime,Mandatory,WebSession,,,
EventEndTime,datetime,Alias,WebSession,,,TimeGenerated
EventEndTime,datetime,Mandatory,WebSession,,,
EventType,string,Mandatory,WebSession,Enumerated,HTTPsession,
EventSubType,string,Optional,WebSession,,,
EventResult,string,Mandatory,WebSession,Enumerated,Success|Partial|Failure|NA,
@ -427,7 +429,7 @@ DvcOsVersion,string,Optional,Authentication,,,
DvcSubscriptionId,string,Optional,Authentication,,,
DvcZone,string,Optional,Authentication,,,
EventCount,int,Mandatory,Authentication,,,
EventEndTime,datetime,Mandatory,Authentication,,,TimeGenerated
EventEndTime,datetime,Mandatory,Authentication,,,
EventMessage,string,Optional,Authentication,,,
EventOriginalResultDetails,string,Optional,Authentication,,,
EventOriginalSeverity,string,Optional,Authentication,,,
@ -493,7 +495,7 @@ _ResourceId,string,Recommended,FileEvent,,,
EventMessage,string,Optional,FileEvent,,,
EventCount,int,Optional,FileEvent,,,
EventStartTime,datetime,Mandatory,FileEvent,,,
EventEndTime,datetime,Alias,FileEvent,,,TimeGenerated
EventEndTime,datetime,Mandatory,FileEvent,,,
EventType,string,Mandatory,FileEvent,Enumerated,FileCreated|FileModified|FileDeleted|FileRenamed|FileCopied|FileMoved|FolderCreated|FolderDeleted,
EventResult,string,Mandatory,FileEvent,Enumerated,Success|Failure|Partial|NA,
EventOriginalUid,string,Optional,FileEvent,,,
@ -608,7 +610,7 @@ DvcOsVersion,string,Optional,ProcessEvent,,,
DvcSubscriptionId,string,Optional,ProcessEvent,,,
DvcZone,string,Optional,ProcessEvent,,,
EventCount,int,Mandatory,ProcessEvent,,,
EventEndTime,datetime,Mandatory,ProcessEvent,,,TimeGenerated
EventEndTime,datetime,Mandatory,ProcessEvent,,,
EventMessage,string,Optional,ProcessEvent,,,
EventOriginalResultDetails,string,Optional,ProcessEvent,,,
EventOriginalResultDetails,string,Optional,ProcessEvent,,,
@ -692,7 +694,7 @@ DvcDescription,string,Optional,RegistryEvent,,,
SrcDescription,string,Optional,RegistryEvent,,,
DstDescription,string,Optional,RegistryEvent,,,
EventCount,int,Mandatory,RegistryEvent,,,
EventEndTime,datetime,Alias,RegistryEvent,,,TimeGenerated
EventEndTime,datetime,Mandatory,RegistryEvent,,,
EventOriginalType,string,Optional,RegistryEvent,,,
EventOriginalSubType,string,Optional,RegistryEvent,,,
EventOriginalUid,string,Optional,RegistryEvent,,,

1 ColumnName ColumnType Class Schema LogicalType ListOfValues Aliased
2 _ResourceId string Recommended NetworkSession
3 TimeGenerated datetime Optional NetworkSession
4 Type string Recommended NetworkSession
5 EventMessage string Optional NetworkSession
6 EventCount int Mandatory NetworkSession
7 EventStartTime datetime Mandatory NetworkSession
8 EventEndTime datetime Alias Mandatory NetworkSession TimeGenerated
9 EventType string Mandatory NetworkSession Enumerated NetworkSession NetworkSession|EndpointNetworkSession|Flow
10 EventSubType string Optional NetworkSession Enumerated Start|End|
11 EventResult string Mandatory NetworkSession Enumerated Success|Partial|Failure|NA
185 SrcDescription string Optional Dns
186 DstDescription string Optional Dns
187 EventCount int Mandatory Dns
188 EventEndTime datetime Alias Mandatory Dns TimeGenerated
189 EventMessage string Optional Dns
190 EventOriginalType string Optional Dns
191 EventOriginalSubType string Optional Dns
243 UrlCategory string Optional Dns
244 User string Alias Dns Username SrcUsername
245 _ResourceId string Recommended WebSession
246 TimeGenerated datetime Optional WebSession
247 Type string Recommended WebSession
248 EventMessage string Optional WebSession
249 EventCount int Mandatory WebSession
250 EventStartTime datetime Mandatory WebSession
251 EventEndTime datetime Alias Mandatory WebSession TimeGenerated
252 EventType string Mandatory WebSession Enumerated HTTPsession
253 EventSubType string Optional WebSession
254 EventResult string Mandatory WebSession Enumerated Success|Partial|Failure|NA
429 DvcSubscriptionId string Optional Authentication
430 DvcZone string Optional Authentication
431 EventCount int Mandatory Authentication
432 EventEndTime datetime Mandatory Authentication TimeGenerated
433 EventMessage string Optional Authentication
434 EventOriginalResultDetails string Optional Authentication
435 EventOriginalSeverity string Optional Authentication
495 EventMessage string Optional FileEvent
496 EventCount int Optional FileEvent
497 EventStartTime datetime Mandatory FileEvent
498 EventEndTime datetime Alias Mandatory FileEvent TimeGenerated
499 EventType string Mandatory FileEvent Enumerated FileCreated|FileModified|FileDeleted|FileRenamed|FileCopied|FileMoved|FolderCreated|FolderDeleted
500 EventResult string Mandatory FileEvent Enumerated Success|Failure|Partial|NA
501 EventOriginalUid string Optional FileEvent
610 DvcSubscriptionId string Optional ProcessEvent
611 DvcZone string Optional ProcessEvent
612 EventCount int Mandatory ProcessEvent
613 EventEndTime datetime Mandatory ProcessEvent TimeGenerated
614 EventMessage string Optional ProcessEvent
615 EventOriginalResultDetails string Optional ProcessEvent
616 EventOriginalResultDetails string Optional ProcessEvent
694 SrcDescription string Optional RegistryEvent
695 DstDescription string Optional RegistryEvent
696 EventCount int Mandatory RegistryEvent
697 EventEndTime datetime Alias Mandatory RegistryEvent TimeGenerated
698 EventOriginalType string Optional RegistryEvent
699 EventOriginalSubType string Optional RegistryEvent
700 EventOriginalUid string Optional RegistryEvent