| _BilledSize |
|
Double |
| _IsBillable |
|
String |
| AccountDisplayName |
Name of the account user displayed in the address book |
String |
| AccountDomain |
Domain of the account |
String |
| AccountName |
User name of the account |
String |
| AccountObjectId |
Unique identifier for the account in Azure AD |
String |
| AccountSid |
Security Identifier (SID) of the account |
String |
| AccountUpn |
User principal name (UPN) of the account |
String |
| ActionType |
Type of activity that triggered the event |
String |
| AdditionalFields |
Additional information about the entity or event |
Object |
| Application |
Application that performed the recorded action |
String |
| DestinationDeviceName |
Name of the device running the server application that processed the recorded action |
String |
| DestinationIPAddress |
IP address of the device running the server application that processed the recorded action |
String |
| DestinationPort |
Destination port of related network communications |
String |
| DeviceName |
Fully qualified domain name (FQDN) of the device |
String |
| DeviceType |
Type of device |
String |
| FailureReason |
Information explaining why the recorded action failed |
String |
| IPAddress |
IP address assigned to the endpoint and used during related network communications |
String |
| ISP |
Internet service provider (ISP) associated with the endpoint IP address |
String |
| Location |
City, country, or other geographic location associated with the event |
String |
| LogonType |
Type of logon session |
String |
| OSPlatform |
Platform of the operating system running on the machine |
String |
| Port |
TCP port used during communication |
String |
| Protocol |
Network protocol used |
String |
| ReportId |
Unique identifier for the event |
String |
| SourceSystem |
|
String |
| TargetAccountDisplayName |
Display name of the account that the recorded action was applied to |
String |
| TargetDeviceName |
Fully qualified domain name (FQDN) of the device that the recorded action was applied to |
String |
| TenantId |
|
String |
| TimeGenerated |
Date and time (UTC) when the record was generated |
DateTime |
| Timestamp |
Date and time when the record was generated |
DateTime |
| Type |
The name of the table |
String |