title	description	ms.topic	ms.service	ms.subservice	ms.author	author	ms.date
Azure Monitor Logs reference - ASimProcessEventLogs	Reference for ASimProcessEventLogs table in Azure Monitor Logs.	reference	azure-monitor	logs	edbaynash	EdB-MSFT	03/05/2024

ASimProcessEventLogs

The Microsoft Sentinel process events normalized table stores events using the Process Event ASIM normalized schema associated with creation or termination of a process. Such events are reported by operating systems and security systems, such as EDR (End Point Detection and Response) systems.

Table attributes

Attribute	Value
Resource types	microsoft.securityinsights/processeventnormalized
Categories	Security
Solutions	SecurityInsights
Basic log	No
Ingestion-time transformation	Yes
Sample Queries	-

Columns

[!INCLUDE asimprocesseventlogs]

Provide feedback

Saved searches

Use saved searches to filter your results more quickly