| _BilledSize |
|
Double |
| _IsBillable |
|
String |
| AzureResourceId |
The Azure resource ID associated with the event. |
String |
| CvssSeverity |
CVSS (Common Vulnerability Scoring System) severity rating. |
String |
| DestCity |
City where the destination IP is geolocated. |
String |
| DestCountry |
Country where the destination IP is located. |
String |
| DestIP |
IP address of the destination. |
String |
| DestIsWellKnown |
Indicates if the destination is a known/trusted entity. |
Boolean |
| DestLabel |
Label or tag assigned to the destination entity. |
String |
| DestPort |
Port number on the destination endpoint. |
Int32 |
| DestThreatLevel |
Threat level associated with the destination IP. |
String |
| FlowCount |
Number of flows or sessions detected for this event. |
Int32 |
| IllumioTenantId |
Tenant ID assigned by Illumio for multi-tenant environments. |
String |
| IllumioUrl |
URL to view the record or associated details in the Illumio console. |
String |
| Name |
The name or type of the insight or event. |
String |
| Port |
Source or service port involved in the communication. |
Int32 |
| Proto |
Protocol used in the communication (e.g., TCP, UDP). |
String |
| ResourceInternalId |
Internal identifier for the monitored resource within Illumio. |
String |
| ResourceRegion |
The Azure region where the resource is deployed. |
String |
| ResourceSubId |
Azure subscription ID that contains the resource. |
String |
| ResourceTenantId |
Azure tenant ID to which the resource belongs. |
String |
| ResourceVnetId |
Identifier for the Virtual Network (VNet) associated with the resource. |
String |
| Service |
The name of the detected or used service (e.g., HTTP, SSH). |
String |
| SourceSystem |
|
String |
| SrcCity |
City where the source IP is geolocated. |
String |
| SrcCountry |
Country where the source IP is located. |
String |
| SrcIP |
IP address of the source. |
String |
| SrcIsWellKnown |
Indicates if the source is a known/trusted entity. |
Boolean |
| SrcLabel |
Label or tag assigned to the source entity. |
String |
| SrcPort |
Port number used by the source entity. |
Int32 |
| SrcThreatLevel |
Threat level (e.g., Low, Medium, High) associated with the source IP. |
String |
| Status |
Current status of the insight (e.g., Active, Resolved). |
String |
| TenantId |
Unique identifier of the tenant into which the data connector ingests data. |
String |
| TimeGenerated |
The timestamp when the record or event was logged. |
DateTime |
| TotalReceivedBytes |
Total number of bytes received during the communication flow. |
Int32 |
| TotalSentBytes |
Total number of bytes sent during the communication flow. |
Int32 |
| Type |
The name of the table |
String |
| UniqueId |
A unique identifier for the specific insight or event. |
String |
| VEScore |
Vulnerability exposure score indicating the risk level. |
Double |