| _BilledSize |
|
Double |
| _IsBillable |
|
String |
| AnalysisResults |
The results of analyzing the case evidence (alerts, cloud_assets, events, files, hosts, users). |
Object |
| AssignedTo |
Details about the user who is currently assigned to the case. |
Object |
| Cid |
The unique customer account ID that the case belongs to. |
String |
| Consistency |
Background processing details associated with updates made to the case. |
Object |
| CreatedBy |
Details about the user who created the case. |
Object |
| CreatedTimestamp |
The date and time the case was created. |
DateTime |
| Description |
The user-provided description of the case. |
String |
| EndTimestamp |
The date and time the case was ended. |
DateTime |
| Evidence |
Evidence associated with the case (alerts, events). |
Object |
| Id |
The unique ID of the case. |
String |
| LastUpdatedBy |
Details about the user who last updated the case. |
Object |
| Name |
The user-defined case name. |
String |
| Severity |
The current user-provided severity rating of the case (1-100). |
Int32 |
| SeverityInfo |
Additional information about the severity of the case. |
Object |
| SourceSystem |
|
String |
| StartTimestamp |
The date and time the case was started. |
DateTime |
| Status |
The current status of the case (new, closed, in_progress, reopened). |
String |
| Tags |
A list of user-defined labels applied to the case. |
Object |
| TenantId |
Unique identifier of the tenant into which the data connector ingests data. |
String |
| TimeGenerated |
The timestamp (UTC) when the host data was ingested. |
DateTime |
| Type |
The name of the table |
String |
| UpdatedTimestamp |
The date and time the case was last updated. |
DateTime |
| Version |
The current case version. |
Int32 |