| title | description | ms.topic | ms.service | ms.subservice | ms.author | author | ms.date |
|---|---|---|---|---|---|---|---|
Azure Monitor Logs reference - ASimProcessEventLogs |
Reference for ASimProcessEventLogs table in Azure Monitor Logs. |
reference |
azure-monitor |
logs |
edbaynash |
EdB-MSFT |
03/05/2024 |
The Microsoft Sentinel process events normalized table stores events using the Process Event ASIM normalized schema associated with creation or termination of a process. Such events are reported by operating systems and security systems, such as EDR (End Point Detection and Response) systems.
| Attribute | Value |
|---|---|
| Resource types | microsoft.securityinsights/processeventnormalized |
| Categories | Security |
| Solutions | SecurityInsights |
| Basic log | No |
| Ingestion-time transformation | Yes |
| Sample Queries | - |
[!INCLUDE asimprocesseventlogs]