Product / Service | Tags | Data tables |
|---|
Microsoft Azurecloud.azure | cloud.azure
|
Azure Activity log | cloud.azure.activity.events
| cloud.azure.activity.events
|
Azure Active Directory | cloud.azure.ad.alerts | cloud.azure.ad.alertscloud.azure.ad.audit
|
cloud.azure.ad.audit
|
cloud.azure.ad.identityprotection
|
cloud.azure.ad.identityprotectioncloud.azure.ad.managed_identity_signin
|
cloud.azure.ad.managed_identity_signincloud.azure.ad.microsoft_graph_activity_logs
|
cloud.azure.ad.microsoft_graph_activity_logscloud.azure.ad.noninteractive_user_signin
| cloud.azure.ad.noninteractive_user_signin
| cloud.azure.ad.provisioning
|
cloud.azure.ad.provisioningcloud.azure.ad.risky_service_principals
|
cloud.azure.ad.risky_service_principalscloud.azure.ad.risky_users
|
cloud.azure.ad.risky_userscloud.azure.ad.service_principal_risk_events
|
cloud.azure.ad.service_principal_risk_events
|
cloud.azure.ad.service_principal_signin
|
cloud.azure.ad.service_principal_signin
|
cloud.azure.ad.signin
| cloud.azure.ad.signin
| cloud.azure.ad.user_risk_events
| cloud.azure.ad.user_risk_events
|
Azure Health Alerts | cloud.azure.ah.alert_evidence
| cloud.azure.ah.alert_evidence
| cloud.azure.ah.alert_info
|
cloud.azure.ah.alert_info
|
Azure Kubernetes Service | cloud.azure.aks
| cloud.azure.aks | cloud.azure.aks.cluster_autoscaler
|
cloud.azure.aks.cluster_autoscalercloud.azure.aks.containerlog
|
cloud.azure.aks.containerlogcloud.azure.aks.guard
|
cloud.azure.aks.guard
|
cloud.azure.aks.kube_apiserver
|
cloud.azure.aks.kube_apiserver
| cloud.azure.aks.kube_audit
| cloud.azure.aks.kube_audit
|
cloud.azure.aks.kube_audit_admin
|
cloud.azure.aks.kube_audit_admincloud.azure.aks.kube_controller_manager
| cloud.azure.aks.kube_controller_manager
| cloud.azure.aks.kube_scheduler
|
cloud.azure.aks.kube_scheduler
|
Azure API Management | cloud.azure.apimanagement.gatewaylogs
| cloud.azure.apimanagement.gatewaylogs
|
Azure Application Gateway | cloud.azure.appgateway.access_log | cloud.azure.appgateway.access_logcloud.azure.appgateway.administrative
|
cloud.azure.appgateway.administrativecloud.azure.appgateway.firewall_log
|
cloud.azure.appgateway.firewall_log
|
cloud.azure.appgateway.policy
| cloud.azure.appgateway.policy
|
Azure App Service | cloud.azure.appservice.access_audit | cloud.azure.appservice.access_audit
|
cloud.azure.appservice.administrative
|
cloud.azure.appservice.administrativecloud.azure.appservice.app
|
cloud.azure.appservice.appcloud.azure.appservice.application
| cloud.azure.appservice.application
| cloud.azure.appservice.console
|
cloud.azure.appservice.consolecloud.azure.appservice.environment_platform
|
cloud.azure.appservice.environment_platform
|
cloud.azure.appservice.http
| cloud.azure.appservice.http
| cloud.azure.appservice.ipsecurity_audit
|
cloud.azure.appservice.ipsecurity_auditcloud.azure.appservice.platform
|
cloud.azure.appservice.platform
|
cloud.azure.appservice.policy
| cloud.azure.appservice.policy
|
Azure Components | cloud.azure.components.process
| cloud.azure.components.process
|
Azure Container Registrycloud.azure.contregistry.login | cloud.azure.contregistry.login
|
Azure Cosmos DB | cloud.azure.cosmosdb.control_plane_requests
|
cloud.azure.cosmosdb.control_plane_requestscloud.azure.cosmosdb.date_plane_requests
| cloud.azure.cosmosdb.date_plane_requests
| cloud.azure.cosmosdb.metrics
|
cloud.azure.cosmosdb.metricscloud.azure.cosmosdb.mongo_requests
|
cloud.azure.cosmosdb.mongo_requestscloud.azure.cosmosdb.partition_key_ru_consumption
|
cloud.azure.cosmosdb.partition_key_ru_consumptioncloud.azure.cosmosdb.partition_key_statistics
|
cloud.azure.cosmosdb.partition_key_statistics
|
cloud.azure.cosmosdb.query_runtime_statistics
| cloud.azure.cosmosdb.query_runtime_statistics
|
Azure Data Factorycloud.azure.datafactory.administrative | cloud.azure.datafactory.administrative
|
Azure Event Hub | cloud.azure.eh.events
|
cloud.azure.eh.eventscloud.azure.eh.metrics
| cloud.azure.eh.metrics
|
Azure Data Factory | cloud.azure.factories.activity_runs | cloud.azure.factories.activity_runscloud.azure.factories.pipeline_runs
|
cloud.azure.factories.pipeline_runscloud.azure.factories.sandbox_activity_runs
|
cloud.azure.factories.sandbox_activity_runscloud.azure.factories.sandbox_pipeline_runs
|
cloud.azure.factories.sandbox_pipeline_runs
|
cloud.azure.factories.trigger_runs
| cloud.azure.factories.trigger_runs
|
Azure Firewall | cloud.azure.firewall.application_rule | cloud.azure.firewall.application_rule
|
cloud.azure.firewall.dns_proxy
|
cloud.azure.firewall.dns_proxycloud.azure.firewall.network_rule
| cloud.azure.firewall.network_rule
|
Azure Front Door | cloud.azure.frontdoor.access
| cloud.azure.frontdoor.access
| cloud.azure.frontdoor.waf
|
cloud.azure.frontdoor.waf
|
Azure Host Pool | cloud.azure.hostpools
| cloud.azure.hostpools | cloud.azure.hostpools.agenthealthstatus
|
cloud.azure.hostpools.agenthealthstatuscloud.azure.hostpools.checkpoint
|
cloud.azure.hostpools.checkpointcloud.azure.hostpools.connection
|
cloud.azure.hostpools.connection
|
cloud.azure.hostpools.error
|
cloud.azure.hostpools.errorcloud.azure.hostpools.management
| cloud.azure.hostpools.management
|
Azure Key Vault | cloud.azure.keyvault.administrative | cloud.azure.keyvault.administrative
|
cloud.azure.keyvault.audit
|
cloud.azure.keyvault.auditcloud.azure.keyvault.azure_monitor
|
cloud.azure.keyvault.azure_monitorcloud.azure.keyvault.policy
|
cloud.azure.keyvault.policycloud.azure.keyvault.policy_evaluation_details
| cloud.azure.keyvault.policy_evaluation_details
|
Azure managed clusters | cloud.azure.managedclusters.cloud_controller_manager | cloud.azure.managedclusters.cloud_controller_managercloud.azure.managedclusters.csi_azuredisk_controller
|
cloud.azure.managedclusters.csi_azuredisk_controller
|
cloud.azure.managedclusters.csi_azurefile_controller
|
cloud.azure.managedclusters.csi_azurefile_controller
| cloud.azure.managedclusters.csi_snapshot_controller
| cloud.azure.managedclusters.csi_snapshot_controller
|
Azure Monitor Metrics | cloud.azure.metrics.metricsBlobLog
|
cloud.azure.metrics.metricsBlobLogcloud.azure.metrics.metricsCapacityBlob
|
cloud.azure.metrics.metricsCapacityBlobcloud.azure.metrics.metricsTableLog
| cloud.azure.metrics.metricsTableLog
| cloud.azure.metrics.metricsTransactions
|
cloud.azure.metrics.metricsTransactions
|
cloud.azure.metrics.metricsTransactionsBlob
| cloud.azure.metrics.metricsTransactionsBlob
| cloud.azure.metrics.metricsTransactionsQueue
|
cloud.azure.metrics.metricsTransactionsQueuecloud.azure.metrics.metricsTransactionsTable
|
cloud.azure.metrics.metricsTransactionsTable
|
Azure x Microsoft Defender | cloud.azure.microsoft_defender.alerts | cloud.azure.microsoft_defender.alerts
|
cloud.azure.microsoft_defender.scorecontrol
|
cloud.azure.microsoft_defender.scorecontrol
| cloud.azure.microsoft_defender.scores
| cloud.azure.microsoft_defender.scores
|
Azure Monitor | cloud.azure.monitor.alert
|
cloud.azure.monitor.alertcloud.azure.monitor.audit
| cloud.azure.monitor.audit
|
Azure for MySQL | cloud.azure.mysql.audit
| cloud.azure.mysql.audit
|
Azure network security groupscloud.azure.nsg.flow | cloud.azure.nsg.flow
|
Azure Monitor Metrics: other metrics | cloud.azure.others.administrative
| cloud.azure.others.administrative
| cloud.azure.others.autoscale
|
cloud.azure.others.autoscalecloud.azure.others.events
|
cloud.azure.others.eventscloud.azure.others.policy
|
cloud.azure.others.policy
|
cloud.azure.others.recommendation
|
cloud.azure.others.recommendationcloud.azure.others.resourcehealth
| cloud.azure.others.resourcehealth
|
Azure Database for PostgreSQLcloud.azure.postgresql.events | cloud.azure.postgresql.events
|
Azure Network Security | cloud.azure.sec.nsg
|
cloud.azure.sec.nsgcloud.azure.sec.rms
| cloud.azure.sec.rms
|
Azure Security Center | cloud.azure.securitycenter.alerts
| cloud.azure.securitycenter.alerts
| cloud.azure.securitycenter.security
|
cloud.azure.securitycenter.security
|
Azure x Sentinel | cloud.azure.sentinel.alerts
| cloud.azure.sentinel.alerts
|
Azure Service Bus | cloud.azure.servicebus.metrics | cloud.azure.servicebus.metricscloud.azure.servicebus.operational
|
cloud.azure.servicebus.operational
|
Azure Service Healthcloud.azure.servicehealth.event | cloud.azure.servicehealth.event
|
Azure Site Recovery | cloud.azure.siterecovery.addon_backup_jobs
|
cloud.azure.siterecovery.addon_backup_jobs
| cloud.azure.siterecovery.addon_backup_policy
| cloud.azure.siterecovery.addon_backup_policy
|
cloud.azure.siterecovery.addon_backup_protected_inst
|
cloud.azure.siterecovery.addon_backup_protected_instcloud.azure.siterecovery.addon_backup_storage
|
cloud.azure.siterecovery.addon_backup_storagecloud.azure.siterecovery.backup_report
|
cloud.azure.siterecovery.backup_report
| cloud.azure.siterecovery.core_backup
| cloud.azure.siterecovery.core_backupcloud.azure.siterecovery.site_rec_recovery_points
|
cloud.azure.siterecovery.site_rec_recovery_points
|
cloud.azure.siterecovery.site_rec_rep_stats
|
cloud.azure.siterecovery.site_rec_rep_stats
| cloud.azure.siterecovery.site_rec_replicated_items
| cloud.azure.siterecovery.site_rec_replicated_items
|
Azure SQL Database | cloud.azure.sql.audit
|
cloud.azure.sql.auditcloud.azure.sql.automatic_tuning
| cloud.azure.sql.automatic_tuning
| cloud.azure.sql.query_store_runtime
|
cloud.azure.sql.query_store_runtime
|
cloud.azure.sql.resourceusagestats
| cloud.azure.sql.resourceusagestats
| cloud.azure.sql.securityauditevents
|
cloud.azure.sql.securityauditevents
|
Azure Storage Server | cloud.azure.storage.administrative | cloud.azure.storage.administrativecloud.azure.storage.resourcehealth
|
cloud.azure.storage.resourcehealth
|
cloud.azure.storage.storagedelete
|
cloud.azure.storage.storagedeletecloud.azure.storage.storageread
|
cloud.azure.storage.storageread
| cloud.azure.storage.storagewrite
| cloud.azure.storage.storagewrite
|
Azure Traffic Manager | cloud.azure.traffic_manager.probe_health_status
| cloud.azure.traffic_manager.probe_health_status
|
Azure Virtual Network | cloud.azure.virtualnetwork.net_sec_group_event
|
cloud.azure.virtualnetwork.net_sec_group_eventcloud.azure.virtualnetwork.net_sec_group_rule_counter
| cloud.azure.virtualnetwork.net_sec_group_rule_counter
|
Azure Virtual Machines | cloud.azure.vm.administrative | cloud.azure.vm.administrative
|
cloud.azure.vm.applicationevent
| cloud.azure.vm.applicationevent
| cloud.azure.vm.metrics_simple
|
cloud.azure.vm.metrics_simple
|
cloud.azure.vm.policy
|
cloud.azure.vm.policy
| cloud.azure.vm.recommendation
| cloud.azure.vm.recommendation
|
cloud.azure.vm.resourcehealth
|
cloud.azure.vm.resourcehealthcloud.azure.vm.securityevent
|
cloud.azure.vm.securityeventcloud.azure.vm.systemevent
|
cloud.azure.vm.systemeventcloud.azure.vm.unix
|
cloud.azure.vm.unixcloud.azure.vm.unknown_eventscloud.azure.vm.unknown_events
|
Azure Virtual Machine Scale Sets | cloud.azure.vmscalesets.administrative
|
cloud.azure.vmscalesets.administrativecloud.azure.vmscalesets.autoscale
|
cloud.azure.vmscalesets.autoscalecloud.azure.vmscalesets.policy
| cloud.azure.vmscalesets.policy
| cloud.azure.vmscalesets.resourcehealth
|
cloud.azure.vmscalesets.resourcehealth
|
Azure VPN Gateway | cloud.azure.vngateways.ikediagnos
| cloud.azure.vngateways.ikediagnos
|
Azure Diagnostics extension | cloud.azure.wad.waddirectories | cloud.azure.wad.waddirectories
|
cloud.azure.wad.wadperformancecounters
|
cloud.azure.wad.wadperformancecounterscloud.azure.wad.wadwindowseventlogs
| cloud.azure.wad.wadwindowseventlogs
|
Azure workflowscloud.azure.workflows.workflow_runtime | cloud.azure.workflows.workflow_runtime
|
