Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Alerts that been generated by security products.
Table attributes
| Attribute | Value |
|---|---|
| Resource types | microsoft.securityinsights/securityinsights |
| Categories | Security |
| Solutions | AzureSecurityOfThings, Security, SecurityCenter, SecurityCenterFree, SecurityInsights |
| Basic log | No |
| Ingestion-time transformation | Yes |
| Sample Queries | - |
Columns
| Column | Type | Description |
|---|---|---|
| AlertLink | string | |
| AlertName | string | |
| AlertSeverity | string | |
| AlertType | string | |
| _BilledSize | real | The record size in bytes |
| CompromisedEntity | string | |
| ConfidenceLevel | string | |
| ConfidenceScore | real | |
| Description | string | |
| DisplayName | string | |
| EndTime | datetime | |
| Entities | string | |
| ExtendedLinks | string | |
| ExtendedProperties | string | |
| _IsBillable | string | Specifies whether ingesting the data is billable. When _IsBillable is false ingestion isn't billed to your Azure account |
| IsIncident | bool | |
| ProcessingEndTime | datetime | |
| ProductComponentName | string | |
| ProductName | string | |
| ProviderName | string | |
| RemediationSteps | string | |
| ResourceId | string | |
| SourceComputerId | string | |
| StartTime | datetime | |
| Status | string | |
| SubTechniques | string | |
| SystemAlertId | string | |
| Tactics | string | |
| Techniques | string | |
| TimeGenerated | datetime | |
| Type | string | The name of the table |
| VendorName | string | |
| VendorOriginalId | string | |
| WorkspaceResourceGroup | string | |
| WorkspaceSubscriptionId | string |