Page Comparison

eventdate

timestamp

hostname

str

Timestamp

timestamp

DeviceId

str

DeviceName

str

ActionType

str

FileName

str

FolderPath

str

SHA1

str

SHA256

str

MD5

str

FileSize

int4

ProcessVersionInfoCompanyName

str

ProcessVersionInfoProductName

str

ProcessVersionInfoProductVersion

str

ProcessVersionInfoInternalFileName

str

ProcessVersionInfoOriginalFileName

str

ProcessVersionInfoFileDescription

str

ProcessId

int4

ProcessCommandLine

str

ProcessIntegrityLevel

str

ProcessTokenElevation

str

ProcessCreationTime

str

AccountDomain

str

AccountName

str

AccountSid

str

AccountUpn

str

AccountObjectId

str

LogonId

int4

InitiatingProcessAccountDomain

str

InitiatingProcessAccountName

str

InitiatingProcessAccountSid

str

InitiatingProcessAccountUpn

str

InitiatingProcessAccountObjectId

str

InitiatingProcessLogonId

int4

InitiatingProcessIntegrityLevel

str

InitiatingProcessTokenElevation

str

InitiatingProcessSHA1

str

InitiatingProcessSHA256

str

InitiatingProcessMD5

str

InitiatingProcessFileName

str

InitiatingProcessFileSize

int4

InitiatingProcessVersionInfoCompanyName

str

InitiatingProcessVersionInfoProductName

str

InitiatingProcessVersionInfoProductVersion

str

InitiatingProcessVersionInfoInternalFileName

str

InitiatingProcessVersionInfoOriginalFileName

str

InitiatingProcessVersionInfoFileDescription

str

InitiatingProcessId

int4

InitiatingProcessCommandLine

str

InitiatingProcessCreationTime

str

InitiatingProcessFolderPath

str

InitiatingProcessParentId

int4

InitiatingProcessParentFileName

str

InitiatingProcessParentCreationTime

timestamp

InitiatingProcessSignerType

str

InitiatingProcessSignatureStatus

str

ReportId

int4

AppGuardContainerId

str

AdditionalFields

str

hostchain

str

✓

tag

str

✓

rawMessage

str

✓

eventdate

timestamp

hostname

str

id

str

incidentId

int8

investigationId

int8

assignedTo

str

severity

str

status

str

classification

str

determination

str

investigationState

str

detectionSource

str

detectorId

str

category

str

threatFamilyName

str

title

str

description

str

alertCreationTime

str

firstEventTime

str

lastEventTime

str

lastUpdateTime

str

resolvedTime

str

machineId

str

computerDnsName

str

rbacGroupName

str

aadTenantId

str

threatName

str

mitreTechniques_str

str

mitreTechniques

relatedUser__userName

str

relatedUser__domainName

str

comments__comment_str

str

comments__comment

comments__createdBy_str

str

comments__createdBy

comments__createdTime_str

str

comments__createdTime

evidence__entityType_str

str

evidence__entityType

evidence__evidenceCreationTime_str

str

evidence__evidenceCreationTime

evidence__sha1_str

str

evidence__sha1

evidence__sha256_str

str

evidence__sha256

evidence__fileName_str

str

evidence__fileName

evidence__filePath_str

str

evidence__filePath

evidence__processId_str

str

evidence__processId

evidence__processCommandLine_str

str

evidence__processCommandLine

evidence__processCreationTime_str

str

evidence__processCreationTime

evidence__parentProcessId_str

str

evidence__parentProcessId

evidence__parentProcessCreationTime_str

str

evidence__parentProcessCreationTime

evidence__parentProcessFileName_str

str

evidence__parentProcessFileName

evidence__parentProcessFilePath_str

str

evidence__parentProcessFilePath

evidence__ipAddress_str

str

evidence__ipAddress

evidence__url_str

str

evidence__url

evidence__registryKey_str

str

evidence__registryKey

evidence__registryHive_str

str

evidence__registryHive

evidence__registryValueType_str

str

evidence__registryValueType

evidence__registryValue_str

str

evidence__registryValue

evidence__accountName_str

str

evidence__accountName

evidence__domainName_str

str

evidence__domainName

evidence__userSid_str

str

evidence__userSid

evidence__aadUserId_str

str

evidence__aadUserId

evidence__userPrincipalName_str

str

evidence__userPrincipalName

evidence__detectionStatus_str

str

evidence__detectionStatus

hostchain

str

✓

tag

str

✓

rawMessage

str

✓

eventdate

timestamp

hostname

str

at_odata_context

str

id

str

incidentId

str

investigationId

str

assignedTo

str

severity

str

status

str

classification

str

determination

str

investigationState

str

detectionSource

str

detectorId

str

category

str

threatFamilyName

str

title

str

description

str

alertCreationTime

timestamp

firstEventTime

timestamp

lastEventTime

timestamp

lastUpdateTime

timestamp

resolvedTime

timestamp

machineId

str

computerDnsName

str

rbacGroupName

str

aadTenantId

str

threatName

str

mitreTechniques

str

loggedOnUsers

str

comments

str

domains

str

at_devo_pulling_id

str

related_files

int4

related_ips

int4

related_machines

int4

related_domains

int4

related_users

int4

relatedUser_userName

str

relatedUser_domainName

str

related_evidences

int4

related_loggedOnUsers

int4

raw_evidences

str

evidence_entityType

str

evidence_evidenceCreationTime

timestamp

evidence_sha1

str

evidence_sha256

str

evidence_fileName

str

evidence_filePath

str

evidence_processId

str

evidence_processCommandLine

str

evidence_processCreationTime

timestamp

evidence_parentProcessId

str

evidence_parentProcessCreationTime

timestamp

evidence_parentProcessFileName

str

evidence_parentProcessFilePath

str

evidence_ipAddress

str

evidence_url

str

evidence_registryKey

str

evidence_registryHive

str

evidence_registryValueType

str

evidence_registryValue

str

evidence_registryValueName

str

evidence_accountName

str

evidence_domainName

str

evidence_userSid

str

evidence_aadUserId

str

evidence_userPrincipalName

str

evidence_detectionStatus

str

hostchain

str

✓

tag

str

✓

rawMessage

str

✓

eventdate

timestamp

hostname

str

at_devo_pulling_id

str

DeviceId

str

DeviceName

str

OSPlatform

str

OSVersion

str

Timestamp

timestamp

ConfigurationId

str

ConfigurationCategory

str

ConfigurationSubcategory

str

ConfigurationImpact

int4

IsApplicable

bool

ConfigurationName

str

RecommendationReference

str

RbacGroupId

int4

RbacGroupName

str

IsCompliant

bool

hostchain

str

✓

tag

str

✓

rawMessage

str

✓

eventdate

timestamp

hostname

str

at_devo_pulling_id

str

DeviceId

str

DeviceName

str

OSPlatform

str

SoftwareVendor

str

SoftwareName

str

SoftwareVersion

str

NumberOfWeaknesses

int4

DiskPaths

str

RegistryPaths_str

str

SoftwareFirstSeenTimestamp

timestamp

SoftwareLastSeenTimestamp

timestamp

EndOfSupportStatus

str

EndOfSupportDate

str

RbacGroupId

int4

RbacGroupName

str

hostchain

str

✓

tag

str

✓

rawMessage

str

✓

eventdate

timestamp

hostname

str

at_devo_pulling_id

str

id

str

startTime

timestamp

endTime

timestamp

state

str

cancelledBy

str

statusDetails

str

machineId

str

computerDnsName

str

triggeringAlertId

str

hostchain

str

✓

tag

str

✓

rawMessage

str

✓

eventdate

timestamp

hostname

str

id

str

computerDnsName

str

firstSeen

timestamp

lastSeen

timestamp

osPlatform

str

osVersion

str

osProcessor

str

version

str

lastIpAddress

ip4

lastExternalIpAddress

ip4

agentVersion

str

osBuild

int4

healthStatus

str

deviceValue

str

rbacGroupId

int4

rbacGroupName

str

riskScore

str

exposureLevel

str

isAadJoined

bool

aadDeviceId

str

machineTags

str

defenderAvStatus

str

onboardingStatus

str

osArchitecture

str

managedBy

str

managedByStatus

str

ipAddresses

str

vmMetadata

str

at_devo_pulling_id

str

related_logon_users

int4

related_alerts

int4

related_vulnerabilities

int4

related_recommendations

int4

hostchain

str

✓

tag

str

✓

rawMessage

str

✓

eventdate

timestamp

hostname

str

id

str

productName

str

recommendationName

str

weaknesses

int4

vendor

str

recommendedVersion

str

recommendedVendor

str

recommendedProgram

str

recommendationCategory

str

subCategory

str

severityScore

float8

publicExploit

bool

activeAlert

bool

associatedThreats

str

remediationType

str

status

str

configScoreImpact

float8

exposureImpact

float8

totalMachineCount

int4

exposedMachinesCount

int4

nonProductivityImpactedAssets

int4

relatedComponent

str

hasUnpatchableCve

bool

at_devo_pulling_id

str

related_software

int4

related_machines

int4

related_vulnerabilities

int4

hostchain

str

✓

tag

str

✓

rawMessage

str

✓

eventdate

timestamp

hostname

str

id

str

name

str

vendor

str

weaknesses

int4

publicExploit

bool

activeAlert

bool

exposedMachines

int4

installedMachines

int4

impactScore

float8

isNormalized

bool

category

str

distributions

str

related_vulnerabilities

int4

related_machines

int4

related_version_distribution

int4

related_missing_kbs

int4

hostchain

str

✓

tag

str

✓

rawMessage

str

✓

eventdate

timestamp

hostname

str

at_odata_context

str

id

str

name

str

description

str

severity

str

cvssV3

float8

exposedMachines

int4

publishedOn

timestamp

updatedOn

timestamp

publicExploit

bool

exploitVerified

bool

exploitInKit

bool

exploitTypes

str

exploitUris

str

at_devo_pulling_id

str

related_machines

int4

hostchain

str

✓

tag

str

✓

rawMessage

str

✓

eventdate

timestamp

hostname

str

id

str

name

str

type

str

tenant_id

str

kind

str

location

str

resource_group

str

subscription_id

str

managed_by

str

sku

str

plan

str

properties__product_component_name

str

properties__azure_resource_id

str

properties__extended_properties__device_resource_ids

str

properties__extended_properties__alert_management_uri

str

properties__extended_properties__device_id

str

properties__extended_properties__site_display_name

str

properties__extended_properties__source_device_address_ip4

ip4

properties__extended_properties__source_device_address

properties__extended_properties__source_device_address_ip6

ip6

properties__extended_properties__source_device_address

properties__extended_properties__compromised_entity_id

str

properties__extended_properties__sensor_version

str

properties__extended_properties__source_device_ip4

ip4

properties__extended_properties__source_device

properties__extended_properties__source_device_ip6

ip6

properties__extended_properties__source_device

properties__extended_properties__sensor_zone

str

properties__extended_properties__sensor_type

str

properties__extended_properties__protocol

str

properties__extended_properties__sensor_id

str

properties__extended_properties__category

str

properties__extended_properties_plc_new_operating_mode

str

properties__extended_properties__destination_device_address_ip4

ip4

properties__extended_properties__destination_device_address

properties__extended_properties__destination_device_address_ip6

ip6

properties__extended_properties__destination_device_address

properties__alert_learn_status

str

properties__system_alert_id

str

properties__start_time_utc

timestamp

properties__start_time_utc_str

properties__display_name

str

properties__severity

str

properties__techniques

str

properties__end_time_utc_str

str

properties__end_time_utc

timestamp

properties__end_time_utc_str

properties__alert_type

str

properties__entities

str

properties__status

str

properties__intent

str

tags

str

identity

str

zones

str

extended_location

str

at_devo_environment

str

at_devo_pulling_id

str

hostchain

str

✓

tag

str

✓

rawMessage

str

✓