| _BilledSize |
|
Double |
| _IsBillable |
|
String |
| AgentLoadFlags |
Flags indicating the load status of the CrowdStrike agent. |
String |
| AgentLocalTime |
Local time of the system where the agent is installed. |
String |
| AgentVersion |
Version of the installed CrowdStrike agent. |
String |
| BaseImageVersion |
Version of the base operating system image. |
String |
| BiosManufacturer |
Manufacturer of the system BIOS. |
String |
| BiosVersion |
Version of the system BIOS. |
String |
| BuildNumber |
Operating system build number. |
String |
| ChassisType |
Type of system chassis (numerical identifier). |
String |
| ChassisTypeDesc |
Description of the system chassis type. |
String |
| Cid |
Cid the CrowdStrike platform. |
String |
| ConfigIdBase |
Base configuration ID for the CrowdStrike agent. |
String |
| ConfigIdBuild |
Build configuration ID for the CrowdStrike agent. |
String |
| ConfigIdPlatform |
Platform-specific configuration ID for the CrowdStrike agent. |
String |
| ConnectionIp |
IP address used by the host to connect to CrowdStrike cloud. |
String |
| ConnectionMacAddress |
MAC address of the network interface used for CrowdStrike connection. |
String |
| CpuSignature |
Unique identifier for the CPU architecture and features. |
String |
| CpuVendor |
Manufacturer of the CPU. |
String |
| DefaultGatewayIp |
IP address of the default network gateway. |
String |
| DeploymentType |
Type of CrowdStrike agent deployment on the host. |
String |
| DetectionSuppressionStatus |
Status of detection suppression rules applied to the host. |
String |
| DeviceId |
Unique identifier for the device in CrowdStrike platform. |
String |
| DevicePolicies |
List of security policies applied to the device. |
Object |
| Email |
Email address associated with the host or primary user. |
String |
| ExternalIp |
External IP address of the host. |
String |
| FilesystemContainmentStatus |
Status of filesystem containment feature for the host. |
String |
| FirstLoginTimestamp |
Timestamp of the first user login on the host. |
String |
| FirstSeen |
Timestamp when the host was first seen by CrowdStrike. |
String |
| GroupHash |
Hash identifier for the host’s group membership. |
String |
| Groups |
List of security groups the host belongs to. |
Object |
| HostHiddenStatus |
Indicates if the host is hidden from normal visibility. |
String |
| Hostname |
Network hostname of the system. |
String |
| HostUtcOffset |
UTC time offset for the host’s timezone. |
String |
| InstanceId |
Cloud instance identifier (if applicable). |
String |
| InternetExposure |
Level of internet exposure for the host. |
String |
| K8sClusterGitVersion |
Git version of the Kubernetes cluster deployment. |
String |
| K8sClusterId |
Unique identifier for the Kubernetes cluster. |
String |
| K8sClusterVersion |
Version of the Kubernetes cluster. |
String |
| KernelVersion |
Version of the operating system kernel. |
String |
| LastLoginTimestamp |
Timestamp of the most recent user login. |
String |
| LastLoginUid |
User ID of the last user to log in. |
String |
| LastLoginUser |
Username of the last user to log in. |
String |
| LastLoginUserSid |
Security identifier (SID) of the last user to log in. |
String |
| LastReboot |
Timestamp of the last system reboot. |
String |
| LastSeen |
Timestamp when the host was last seen active by CrowdStrike. |
String |
| LinuxSensorMode |
Operating mode of the CrowdStrike sensor on Linux systems. |
String |
| LocalIp |
Local/Internal IP address of the host. |
String |
| MacAddress |
Primary MAC address of the host. |
String |
| MachineDomain |
Domain name the machine is joined to. |
String |
| MajorVersion |
Major version number of the operating system. |
String |
| ManagedApps |
List of applications managed by CrowdStrike on the host. |
Object |
| Meta |
Additional metadata about the host. |
Object |
| MigrationCompletedTime |
Timestamp when agent migration was completed. |
String |
| MinorVersion |
Minor version number of the operating system. |
String |
| ModifiedTimestamp |
Timestamp when the host record was last modified. |
String |
| Notes |
Custom notes or annotations about the host. |
Object |
| OsBuild |
Build number of the operating system. |
String |
| OsProductName |
Product name of the operating system. |
String |
| OsVersion |
Version string of the operating system. |
String |
| Ou |
Organizational Unit information for the host. |
Object |
| PlatformId |
Unique identifier for the platform type. |
String |
| PlatformName |
Name of the platform. |
String |
| PodAnnotations |
Kubernetes pod annotations associated with the host. |
Object |
| PodHostIp4 |
IPv4 address of the Kubernetes pod host. |
String |
| PodHostIp6 |
IPv6 address of the Kubernetes pod host. |
String |
| PodHostname |
Hostname of the Kubernetes pod. |
String |
| PodId |
Unique identifier for the Kubernetes pod. |
String |
| PodIp4 |
IPv4 address assigned to the Kubernetes pod. |
String |
| PodIp6 |
IPv6 address assigned to the Kubernetes pod. |
String |
| PodLabels |
Labels assigned to the Kubernetes pod. |
Object |
| PodName |
Name of the Kubernetes pod. |
String |
| PodNamespace |
Kubernetes namespace where the pod is deployed. |
String |
| PodServiceAccountName |
Name of the Kubernetes service account used by the pod. |
String |
| PointerSize |
Memory pointer size of the system architecture (32/64 bit). |
String |
| Policies |
List of all security policies applied to the host. |
Object |
| ProductType |
Type of product or system (numerical identifier). |
String |
| ProductTypeDesc |
Description of the product or system type. |
String |
| ProvisionStatus |
Current provisioning status of the host. |
String |
| ReducedFunctionalityMode |
Indicates if the host is running in reduced functionality mode. |
String |
| ReleaseGroup |
Group identifier for software release management. |
String |
| RtrState |
State of Real Time Response functionality. |
String |
| SerialNumber |
System serial number from BIOS/hardware. |
String |
| ServicePackMajor |
Major version of installed service pack. |
String |
| ServicePackMinor |
Minor version of installed service pack. |
String |
| ServiceProvider |
Cloud service provider hosting the system. |
String |
| ServiceProviderAccountId |
Account identifier from the cloud service provider. |
String |
| SiteName |
Name of the site where the host is located. |
String |
| SourceSystem |
|
String |
| Status |
Current operational status of the host. |
String |
| SystemManufacturer |
Manufacturer of the system hardware. |
String |
| SystemProductName |
Product name or model of the system. |
String |
| Tags |
Custom tags assigned to the host. |
Object |
| TenantId |
Unique identifier of the tenant into which the data connector ingests data. |
String |
| TimeGenerated |
The timestamp (UTC) when the host data was ingested. |
DateTime |
| Type |
The name of the table |
String |