Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
| Table | Categories | Solutions | Supports basic log plan | Queries |
|---|---|---|---|---|
| AggregatedSecurityAlert Alerts that were generated by security products and were aggregated from a partner. |
security | SecurityInsights | Yes | Yes |
| DnsAuditEvents DNS server audit events enable change tracking on the DNS server. An audit event is logged each time server, zone, or resource record settings are changed. This includes operational events such as zone transfers, and DNSSEC zone signing and unsigning. This table captures audit events that are not from dynamic updates. |
security | SecurityInsights | Yes | - |
| SecurityAlert Alerts that been generated by security products. |
security | AzureSecurityOfThings, Security, SecurityCenter, SecurityCenterFree, SecurityInsights | No | - |
| SecurityEvent Security events collected from windows machines by Azure Security Center or Azure Sentinel. |
security | Security, SecurityInsights | Yes | Yes |
| WindowsEvent Windows events which are collected and sent by the agent. |
security | CustomizedWindowsEventsFiltering, InternalWindowsEvent, SecurityInsights, WEFInternalUat, WEF_10x, WEF_10xDSRE, WinLog, WindowsEventForwarding | No | Yes |