a0 |
string |
|
a1 |
string |
|
a2 |
string |
|
a3 |
string |
|
a4 |
string |
|
a5 |
string |
|
a6 |
string |
|
a7 |
string |
|
a8 |
string |
|
a9 |
string |
|
acct |
string |
|
addr |
string |
|
arch |
string |
|
argc |
long |
|
audit_user |
string |
|
AuditID |
string |
|
auid |
long |
|
_BilledSize |
real |
The record size in bytes |
cmd |
string |
|
comm |
string |
|
Computer |
string |
|
ComputerEnvironment |
string |
|
cwd |
string |
|
data |
string |
|
effective_group |
string |
|
effective_user |
string |
|
egid |
long |
|
euid |
long |
|
exe |
string |
|
exit |
string |
|
ExternalAgentIp |
string |
|
family |
string |
|
filetype |
string |
|
gid |
long |
|
group |
string |
|
hostname |
string |
|
icmptype |
string |
|
_IsBillable |
string |
Specifies whether ingesting the data is billable. When _IsBillable is false ingestion isn't billed to your Azure account |
key |
string |
|
ManagementGroup |
string |
|
ManagementGroupName |
string |
|
name |
string |
|
node |
string |
|
op |
string |
|
path |
string |
|
pid |
long |
|
ppid |
long |
|
RawRecord |
string |
|
RecordType |
string |
|
res |
string |
|
ResourceId |
string |
|
_ResourceId |
string |
A unique identifier for the resource that the record is associated with |
result |
string |
|
SerialNumber |
string |
|
ses |
long |
|
SourceComputerId |
string |
|
_SubscriptionId |
string |
A unique identifier for the subscription that the record is associated with |
success |
string |
|
syscall |
string |
|
terminal |
string |
|
TimeGenerated |
datetime |
|
TimeUploaded |
datetime |
|
tty |
string |
|
Type |
string |
The name of the table |
uid |
long |
|
user |
string |
|
vm |
string |
|