5 строки
1.1 KiB
YAML
5 строки
1.1 KiB
YAML
externaldata(TimeGenerated:datetime, AwsEventId:string, EventVersion:string, EventSource:string, EventTypeName:string, EventName:string, UserIdentityType:string, UserIdentityPrincipalid:string, UserIdentityArn:string, UserIdentityAccountId:string, UserIdentityInvokedBy:string, UserIdentityAccessKeyId:string, UserIdentityUserName:string, SessionMfaAuthenticated:bool, SessionCreationDate:datetime, SessionIssuerType:string, SessionIssuerPrincipalId:string, SessionIssuerArn:string, SessionIssuerAccountId:string, SessionIssuerUserName:string, AWSRegion:string, SourceIpAddress:string, UserAgent:string, ErrorCode:string, ErrorMessage:string, RequestParameters:string, ResponseElements:string, AdditionalEventData:string, AwsRequestId:string, AwsRequestId_:string, Resources:string, APIVersion:string, ReadOnly:bool, RecipientAccountId:string, ServiceEventDetails:string, SharedEventId:string, VpcEndpointId:string, ManagementEvent:bool, TenantId:string, SourceSystem:string, OperationName:string, Category:string, Type:string)
|
|
[
|
|
h@"https://STORAGEACCOUNTNAME.blob.core.windows.net/am-awscloudtrail/SASSIG"
|
|
]
|
|
with(format="json") |