Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Alerts that been generated by security products.
Table attributes
Attribute | Value |
---|---|
Resource types | microsoft.securityinsights/securityinsights |
Categories | Security |
Solutions | AzureSecurityOfThings, Security, SecurityCenter, SecurityCenterFree, SecurityInsights |
Basic log | No |
Ingestion-time transformation | Yes |
Sample Queries | - |
Columns
Column | Type | Description |
---|---|---|
AlertLink | string | |
AlertName | string | |
AlertSeverity | string | |
AlertType | string | |
_BilledSize | real | The record size in bytes |
CompromisedEntity | string | |
ConfidenceLevel | string | |
ConfidenceScore | real | |
Description | string | |
DisplayName | string | |
EndTime | datetime | |
Entities | string | |
ExtendedLinks | string | |
ExtendedProperties | string | |
_IsBillable | string | Specifies whether ingesting the data is billable. When _IsBillable is false ingestion isn't billed to your Azure account |
IsIncident | bool | |
ProcessingEndTime | datetime | |
ProductComponentName | string | |
ProductName | string | |
ProviderName | string | |
RemediationSteps | string | |
ResourceId | string | |
SourceComputerId | string | |
StartTime | datetime | |
Status | string | |
SubTechniques | string | |
SystemAlertId | string | |
Tactics | string | |
Techniques | string | |
TimeGenerated | datetime | |
Type | string | The name of the table |
VendorName | string | |
VendorOriginalId | string | |
WorkspaceResourceGroup | string | |
WorkspaceSubscriptionId | string |