| title | description | ms.topic | ms.service | ms.subservice | ms.author | author | ms.date |
|---|---|---|---|---|---|---|---|
| Azure Monitor Logs reference - ASimProcessEventLogs | Reference for ASimProcessEventLogs table in Azure Monitor Logs. | reference | azure-monitor | logs | edbaynash | EdB-MSFT | 03/05/2024 |

ASimProcessEventLogs

The Microsoft Sentinel process events normalized table stores events associated with the creation or termination of a process, normalized to the ASIM Process Event schema. Such events are reported by operating systems and security systems, such as EDR (Endpoint Detection and Response) systems.

Table attributes

| Attribute | Value |
|---|---|
| Resource types | microsoft.securityinsights/processeventnormalized |
| Categories | Security |
| Solutions | SecurityInsights |
| Basic log | No |
| Ingestion-time transformation | Yes |
| Sample Queries | - |

Columns

[!INCLUDE asimprocesseventlogs]