Merge pull request Azure#9957 from Cisco-Email-Security/CiscoETD
Cisco Email Threat Defense MS Sentinel connector
v-atulyadav authored Mar 11, 2024
2 parents 069b959 + 3318788 commit 7a3f5d4
Showing 26 changed files with 2,737 additions and 0 deletions.
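--- a/.script/tests/KqlvalidationsTests/CustomTables/CiscoETD_CL.json
+++ b/.script/tests/KqlvalidationsTests/CustomTables/CiscoETD_CL.json
@@ -0,0 +1,169 @@
+{
+"Name": "CiscoETD_CL",
+"Properties": [
+{
+"Name": "TenantId",
+"Type": "guid"
+},
+{
+"Name": "SourceSystem",
+"Type": "String"
+},
+{
+"Name": "MG",
+"Type": "guid"
+},
+{
+"Name": "ManagementGroupName",
+"Type": "String"
+},
+{
+"Name": "TimeGenerated",
+"Type": "DateTime"
+},
+{
+"Name": "Computer",
+"Type": "String"
+},
+{
+"Name": "RawData",
+"Type": "String"
+},
+{
+"Name": "attachments_s",
+"Type": "String"
+},
+{
+"Name": "senderName_s",
+"Type": "String"
+},
+{
+"Name": "action_type_s",
+"Type": "String"
+},
+{
+"Name": "action_isAutoRemediated_b",
+"Type": "Boolean"
+},
+{
+"Name": "action_folder_s",
+"Type": "String"
+},
+{
+"Name": "action_timestamp_t",
+"Type": "DateTime"
+},
+{
+"Name": "action_publicApiClientId_s",
+"Type": "String"
+},
+{
+"Name": "fromAddress_s",
+"Type": "String"
+},
+{
+"Name": "clientIP_s",
+"Type": "String"
+},
+{
+"Name": "direction_s",
+"Type": "String"
+},
+{
+"Name": "domain_s",
+"Type": "String"
+},
+{
+"Name": "id_g",
+"Type": "guid"
+},
+{
+"Name": "mailboxes_s",
+"Type": "String"
+},
+{
+"Name": "internetMessageId_s",
+"Type": "String"
+},
+{
+"Name": "returnPath_s",
+"Type": "String"
+},
+{
+"Name": "serverIP_s",
+"Type": "String"
+},
+{
+"Name": "subject_s",
+"Type": "String"
+},
+{
+"Name": "toAddresses_s",
+"Type": "String"
+},
+{
+"Name": "timestamp_t",
+"Type": "DateTime"
+},
+{
+"Name": "urls_s",
+"Type": "String"
+},
+{
+"Name": "verdict_isManualVerdict_b",
+"Type": "Boolean"
+},
+{
+"Name": "verdict_userId_s",
+"Type": "String"
+},
+{
+"Name": "verdict_isRetroVerdict_b",
+"Type": "Boolean"
+},
+{
+"Name": "verdict_techniques_s",
+"Type": "String"
+},
+{
+"Name": "verdict_timestamp_t",
+"Type": "DateTime"
+},
+{
+"Name": "verdict_originalVerdict_s",
+"Type": "String"
+},
+{
+"Name": "verdict_latestVerdict_s",
+"Type": "String"
+},
+{
+"Name": "verdict_category_s",
+"Type": "String"
+},
+{
+"Name": "verdict_publicApiClientId_s",
+"Type": "String"
+},
+{
+"Name": "verdict_businessRisk_s",
+"Type": "String"
+},
+{
+"Name": "secureEmailGateway_originalCIP_s",
+"Type": "String"
+},
+{
+"Name": "secureEmailGateway_headerName_s",
+"Type": "String"
+},
+{
+"Name": "envelopeTo_s",
+"Type": "String"
+},
+{
+"Name": "deliveredTo_s",
+"Type": "String"
+}
+]
+}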
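Review bot: The type names are spelled inconsistently in this new table definition: `TenantId`, `MG` and `id_g` use lowercase `"Type": "guid"`, while every other column uses capitalised names (`String`, `DateTime`, `Boolean`). The loader that consumes this file is not visible on this page; if it matches type names case-sensitively, those three columns may not resolve as intended, so it is worth settling on one casing (for example `"Type": "Guid"`, if that is the spelling the loader accepts). Separately, `attachments_s`, `mailboxes_s`, `toAddresses_s`, `urls_s` and `verdict_techniques_s` are plural names typed `String`, so they presumably carry serialised lists. Detection and hunting queries validated against this schema would then need to parse those columns rather than compare them with `==`, which should be confirmed against what the connector actually ingests.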