Type of authentication required for the sign-in. On-premises user principal name (UPN) of the user signing in to Azure ADĪpplication that performed the recorded actionĭetails about the authentication processor Unique identifier for the account in Azure AD This is usually a combination of the given name, middle initial, and surname of the user. Name displayed in the address book entry for the account user.
Unique identifier for the device in Azure AD Link to Microsoft Description: Information about Azure Active Directory (AAD) sign-in events either by a user (interactive) or a client on the user's behalf (non-interactive) Table Schema: Field Table: DeviceBaselineComplianceProfiles.Table: DeviceBaselineComplianceAssessmentKB.Table: DeviceBaselineComplianceAssessment.TVM - Threat & Vulnerability Management add-on.Table: DeviceTvmSecureConfigurationAssessmentKB.Table: DeviceTvmSecureConfigurationAssessment.Table: DeviceTvmSoftwareVulnerabilitiesKB.Table: DeviceTvmSoftwareVulnerabilities.TVM - Threat & Vulnerability Management.Microsoft Defender Vulnerability Management MS 365 Defender/Azure Sentinel detections/custom KQL querries Table Schema: Acronym MS 365 Advanced hunting schema tables reference
Microsoft Defender 365 Advanced hunting full schema reference (Streaming API overview)
0 kommentar(er)
