Azure-Sentinel/Sample Data/Custom/ForcepointDLPEvents_CL.json


[
{
"TenantId": "00000000-0000-0000-0000-000000000000",
"SourceSystem": "RestAPI",
"MG": "",
"ManagementGroupName": "",
"TimeGenerated": "2020-02-05T14:31:55.123Z",
"Computer": "",
"RawData": "",
"DestinationDomain": "csm-testcenter.org",
"CreatedAt": "2020-02-05T14:26:54Z",
"Protocol": "HTTP",
"PolicyCategoryId": 850172,
"Type": "Forcepoint DLP",
"GeneratorId": 164061,
"Id": "incident_Id-164061-rule_id-164062",
"RuleName": "User uploading CV",
"Severity": "LOW",
"UpdatedAt": "2020-02-05T14:26:54Z",
"DestinationHostname": "www.csm-testcenter.org",
"ExternalId": 11550642310619705000,
"SourceIpV4": "192.168.122.2",
"Text": "Forcepoint Content Gateway Server on web-wcg.demo.com-HTTP",
"DestinationCommonName": "www.csm-testcenter.org",
"DestinationIpV4": "178.63.68.61",
"SourceDomain": "none",
"Title": "Forcepoint DLP Incident",
"ForcepointDLPSourceIP": "192.168.122.2",
"UpdatedBy": "Forcepoint Content Gateway Server on web-wcg.demo.com",
"Description": "http://www.csm-testcenter.org/test",
"Type": "ForcepointDLPEvents_CL",
"_ResourceId": ""
},
{
"TenantId": "00000000-0000-0000-0000-000000000000",
"SourceSystem": "RestAPI",
"MG": "",
"ManagementGroupName": "",
"TimeGenerated": "2020-02-05T14:31:55.123Z",
"Computer": "",
"RawData": "",
"DestinationDomain": "csm-testcenter.org",
"CreatedAt": "2020-02-05T14:27:00Z",
"Protocol": "HTTP",
"PolicyCategoryId": 850170,
"Type": "Forcepoint DLP",
"GeneratorId": 163858,
"Id": "incident_Id-163858-rule_id-163859",
"RuleName": "block credit card numbers",
"Severity": "HIGH",
"UpdatedAt": "2020-02-05T14:27:00Z",
"DestinationHostname": "www.csm-testcenter.org",
"ExternalId": 237894709905121000,
"SourceIpV4": "192.168.122.2",
"Text": "Forcepoint Content Gateway Server on web-wcg.demo.com-HTTP",
"DestinationCommonName": "www.csm-testcenter.org",
"DestinationIpV4": "178.63.68.61",
"SourceDomain": "none",
"Title": "Forcepoint DLP Incident",
"ForcepointDLPSourceIP": "192.168.122.2",
"UpdatedBy": "Forcepoint Content Gateway Server on web-wcg.demo.com",
"Description": "http://www.csm-testcenter.org/test",
"Type": "ForcepointDLPEvents_CL",
"_ResourceId": ""
},
{
"TenantId": "00000000-0000-0000-0000-000000000000",
"SourceSystem": "RestAPI",
"MG": "",
"ManagementGroupName": "",
"TimeGenerated": "2020-02-05T11:46:08.407Z",
"Computer": "",
"RawData": "",
"DestinationDomain": "csm-testcenter.org",
"CreatedAt": "2020-02-05T11:42:48Z",
"Protocol": "HTTP",
"PolicyCategoryId": 850170,
"Type": "Forcepoint DLP",
"GeneratorId": 163836,
"Id": "incident_Id-163836-rule_id-163837",
"RuleName": "block credit card numbers",
"Severity": "HIGH",
"UpdatedAt": "2020-02-05T11:42:48Z",
"DestinationHostname": "www.csm-testcenter.org",
"ExternalId": 11118801960067826000,
"SourceIpV4": "192.168.122.2",
"Text": "Forcepoint Content Gateway Server on web-wcg.demo.com-HTTP",
"DestinationCommonName": "www.csm-testcenter.org",
"DestinationIpV4": "178.63.68.61",
"SourceDomain": "none",
"Title": "Forcepoint DLP Incident",
"ForcepointDLPSourceIP": "192.168.122.2",
"UpdatedBy": "Forcepoint Content Gateway Server on web-wcg.demo.com",
"Description": "http://www.csm-testcenter.org/test",
"Type": "ForcepointDLPEvents_CL",
"_ResourceId": ""
}
]