Log Analytics tables for microsoft.securityinsights/asimtables

Table Categories Solutions Supports basic log plan Queries
ASimDhcpEventLogs

The ASIM DHCP schema represents DHCP server activity, including serving requests for DHCP IP address leased from client systems and updating a DNS server with the leases granted.

security SecurityInsights No -
ASimFileEventLogs

The Advanced Security Information Model (ASIM) File Event normalization schema describes file activity such as creating, modifying, or deleting files or documents.

security SecurityInsights No -
ASimRegistryEventLogs

The ASim Registry Event schema represents Windows activity of creating, modifying, or deleting Windows Registry entities. Registry events are specific to Windows systems, but are reported by different systems that monitor Windows, such as EDR (End Point Detection and Response) systems, Sysmon, or Windows itself.

security SecurityInsights No -
ASimUserManagementActivityLogs

The ASim User Management schema represents user management activities, such as creating a user or a group, changing user attribute, or adding a user to a group. Such events are reported, for example, by operating systems, directory services, identity management systems, and any other system reporting on its local user management activity.

security SecurityInsights No -