Azure-Sentinel/Sample Data/Custom/DuoSecurityOfflineEnrollment_CL.json

[
  {
    "TenantId": "b3a60639-f318-4790-aa86-c91548ca5ea3",
    "SourceSystem": "RestAPI",
    "MG": "",
    "ManagementGroupName": "",
    "TimeGenerated [UTC]": "2/11/2021, 3:58:29.461 AM",
    "Computer": "",
    "RawData": "",
    "action_s": "o2fa_user_provisioned",
    "description_s": "{\"user_agent\": \"DuoCredProv/4.0.6.413 (Windows NT 6.3.9600; x64; Server)\", \"hostname\": \"WKSW10x64\", \"factor\": \"duo_otp\"}",
    "isotimestamp_t [UTC]": "8/30/2019, 4:10:05.000 PM",
    "object_s": "Acme Laptop Windows Logon",
    "timestamp_d": "1567181405",
    "username_s": "narroway",
    "Type": "DuoSecurityOfflineEnrollment_CL",
    "_ResourceId": ""
  },
  {
    "TenantId": "b3a60639-f318-4790-aa86-c91548ca5ea3",
    "SourceSystem": "RestAPI",
    "MG": "",
    "ManagementGroupName": "",
    "TimeGenerated [UTC]": "2/11/2021, 3:57:42.906 AM",
    "Computer": "",
    "RawData": "",
    "action_s": "o2fa_user_provisioned",
    "description_s": "{\"user_agent\": \"DuoCredProv/4.0.6.413 (Windows NT 6.3.9600; x64; Server)\", \"hostname\": \"WKSW10x64\", \"factor\": \"duo_otp\"}",
    "isotimestamp_t [UTC]": "8/30/2019, 4:10:05.000 PM",
    "object_s": "Acme Laptop Windows Logon",
    "timestamp_d": "1567181405",
    "username_s": "narroway",
    "Type": "DuoSecurityOfflineEnrollment_CL",
    "_ResourceId": ""
  },
  {
    "TenantId": "b3a60639-f318-4790-aa86-c91548ca5ea3",
    "SourceSystem": "RestAPI",
    "MG": "",
    "ManagementGroupName": "",
    "TimeGenerated [UTC]": "2/11/2021, 3:58:22.992 AM",
    "Computer": "",
    "RawData": "",
    "action_s": "o2fa_user_provisioned",
    "description_s": "{\"user_agent\": \"DuoCredProv/4.0.6.413 (Windows NT 6.3.9600; x64; Server)\", \"hostname\": \"WKSW10x64\", \"factor\": \"duo_otp\"}",
    "isotimestamp_t [UTC]": "8/30/2019, 4:10:05.000 PM",
    "object_s": "Acme Laptop Windows Logon",
    "timestamp_d": "1567181405",
    "username_s": "narroway",
    "Type": "DuoSecurityOfflineEnrollment_CL",
    "_ResourceId": ""
  },
  {
    "TenantId": "b3a60639-f318-4790-aa86-c91548ca5ea3",
    "SourceSystem": "RestAPI",
    "MG": "",
    "ManagementGroupName": "",
    "TimeGenerated [UTC]": "2/11/2021, 3:59:06.997 AM",
    "Computer": "",
    "RawData": "",
    "action_s": "o2fa_user_provisioned",
    "description_s": "{\"user_agent\": \"DuoCredProv/4.0.6.413 (Windows NT 6.3.9600; x64; Server)\", \"hostname\": \"WKSW10x64\", \"factor\": \"duo_otp\"}",
    "isotimestamp_t [UTC]": "8/30/2019, 4:10:05.000 PM",
    "object_s": "Acme Laptop Windows Logon",
    "timestamp_d": "1567181405",
    "username_s": "narroway",
    "Type": "DuoSecurityOfflineEnrollment_CL",
    "_ResourceId": ""
  },
  {
    "TenantId": "b3a60639-f318-4790-aa86-c91548ca5ea3",
    "SourceSystem": "RestAPI",
    "MG": "",
    "ManagementGroupName": "",
    "TimeGenerated [UTC]": "2/11/2021, 3:59:16.793 AM",
    "Computer": "",
    "RawData": "",
    "action_s": "o2fa_user_provisioned",
    "description_s": "{\"user_agent\": \"DuoCredProv/4.0.6.413 (Windows NT 6.3.9600; x64; Server)\", \"hostname\": \"WKSW10x64\", \"factor\": \"duo_otp\"}",
    "isotimestamp_t [UTC]": "8/30/2019, 4:10:05.000 PM",
    "object_s": "Acme Laptop Windows Logon",
    "timestamp_d": "1567181405",
    "username_s": "narroway",
    "Type": "DuoSecurityOfflineEnrollment_CL",
    "_ResourceId": ""
  }
]