| AccountUpn |
User principal name (UPN) of the account |
String |
| ActionType |
Type of activity that triggered the event |
String |
| AppName |
The application’s display name as exposed by the associated service principal |
String |
| AppVersion |
Version of the client application where click occurred |
String |
| DetectionMethods |
Methods used to detect whether the URL contains or leads to malware, phishing, or other threats |
String |
| IPAddress |
IP addresses of the clients on which the activity was performed; can contain multiple Ips if related to Microsoft Defender for Cloud Apps alerts |
String |
| IsClickedThrough |
Indicates whether the user was able to click through to the original URL or not |
Boolean |
| NetworkMessageId |
Unique identifier for the email from which the URL was clicked |
String |
| ReportId |
Unique identifier for the event |
String |
| SourceId |
Unique identifier for the source of the click |
String |
| SourceSystem |
|
String |
| TenantId |
|
String |
| ThreatTypes |
Verdict on whether the URL leads to malware, phishing, or other threats |
String |
| TimeGenerated |
|
DateTime |
| Timestamp |
Date and time when the record was generated |
DateTime |
| Type |
|
String |
| Url |
URL that was clicked |
String |
| UrlChain |
List of URLs in the redirection chain |
String |
| Workload |
The Microsoft 365 service where the event occurred |
String |