| _BilledSize |
|
Double |
| _IsBillable |
|
String |
| _ResourceId |
A unique identifier for the resource that the record is associated with |
String |
| _SubscriptionId |
A unique identifier for the subscription that the record is associated with |
String |
| AccountObjectId |
Unique identifier for the account in Microsoft Entra ID. |
String |
| AccountUpn |
User principal name (UPN) of the account. |
String |
| ActionType |
Type of behavior. |
String |
| AdditionalFields |
Additional information about the entity or event. |
String |
| AttackTechniques |
MITRE ATT&CK techniques associated with the activity that triggered the behavior. |
String |
| BehaviorId |
Unique identifier for the behavior. |
String |
| Categories |
Types of threat indicator or breach activity identified by the behavior. |
String |
| DataSources |
Products or services that provided information for the behavior. |
String |
| Description |
Description of the behavior. |
String |
| DetectionSource |
Detection technology or sensor that identified the notable component or activity. |
String |
| DeviceId |
Unique identifier for the device in the service. |
String |
| EndTime |
Date and time of the last activity related to the behavior. |
DateTime |
| ServiceSource |
Product or service that provided the behavior. |
String |
| SourceSystem |
|
String |
| StartTime |
Date and time of the first activity related to the behavior. |
DateTime |
| TenantId |
Unique identifier of the tenant into which the data connector ingests data. |
String |
| TimeGenerated |
Date and time when the record was generated. |
DateTime |
| Title |
Title of the behavior. |
String |
| Type |
The name of the table |
String |