Azure · lkwdwrd · Feb 3, 2026 · Feb 5, 2026 · Feb 6, 2026
@@ -0,0 +1,7 @@
+TenantId,TimeGenerated,EventMessage,EventCount,EventType,EventSubType,EventResult,EventSeverity,EventProduct,EventVendor,EventSchema,EventSchemaVersion,EventStartTime,EventEndTime,Type,AdditionalFields,ActorUserId,ActorUserIdType,ActorUserType,ActorUsername,ActorUsernameType,Dvc,DvcAction,DvcHostname,DvcIpAddr,Dst,DstDeviceType,DstFQDN,DstHostname,DstIpAddr,DstPortNumber,EventOriginalSeverity,EventProductVersion,HttpRequestMethod,HttpStatusCode,IpAddr,LogonType,NetworkDirection,NetworkProtocol,Object,ObjectType,Operation,Src,SrcDeviceType,SrcFQDN,SrcHostname,SrcIpAddr,SrcMacAddr,SrcPortNumber,TargetOriginalUserType,TargetProcessCommandLine,TargetProcessId,TargetProcessName,TargetUserId,TargetUserIdType,TargetUsername,TargetUsernameType,TargetUserType,Url,User
+e59abb33-de21-421b-8306-241917e0d20e,2026-02-02T20:29:39.651Z,Daily backup scheduled,1,Create,Create,Success,Informational,AcmeScheduler,AcmeCorp,AuditEvent,0.1,2026-02-02T20:29:39.651Z,2026-02-02T20:29:39.651Z,ASimAuditEventLogs,"{""OCSF"":{""actor"":{""user"":{""name"":""backup-scheduler"",""type"":""Service""}},""category_uid"":6,""class_name"":""Scheduled Job Activity"",""class_uid"":6004,""job"":{""name"":""daily-backup"",""run_count"":365},""message"":""Daily backup scheduled"",""metadata"":{""log_provider"":""scheduler"",""product"":{},""version"":""1.3.0""},""severity"":""Informational"",""severity_id"":1,""time"":1770064179651,""timezone_offset"":0,""type_name"":""Scheduled Job Activity: Create"",""type_uid"":600401},""_ConnectorId"":""SynqlySentinelASIMConnector""}",scheduler-001,Other,Service,backup-scheduler,Simple,AcmeScheduler,,,,,,,,,Informational,2.5.0,,,,,,,daily-backup,Scheduled Task,Schedule,,,,,,,,,,,,,,,,,,,backup-scheduler
+e59abb33-de21-421b-8306-241917e0d20e,2026-02-02T20:29:39.611Z,User authentication successful,1,Logon,,Success,Informational,Identity Provider,Example Corp,Authentication,0.1.1,2026-02-02T20:29:39.611Z,2026-02-02T20:29:39.611Z,ASimAuthenticationEventLogs,"{""OCSF"":{""actor"":{""user"":{""credential_uid"":""credential-789"",""email_addr"":""sanitized@sanitized.com""}},""category_uid"":3,""class_name"":""Authentication"",""class_uid"":3002,""dst_endpoint"":{""hostname"":""auth.example.com"",""instance_uid"":""auth-instance-123"",""ip"":""10.0.2.25"",""name"":""authentication-service"",""port"":443},""metadata"":{""log_provider"":""idp-service"",""product"":{},""version"":""1.3.0""},""severity"":""Informational"",""severity_id"":1,""src_endpoint"":{""name"":""john-laptop""},""time"":1770064179611,""timezone_offset"":0,""type_name"":""Authentication: Logon"",""type_uid"":300201},""_ConnectorId"":""SynqlySentinelASIMConnector""}",user-123,Other,Other,john.smith,Simple,Identity Provider,,,,,,,,,Informational,4.2.1,,,10.0.2.15,Interactive,,,,,,,user-workstation,Other,user-workstation,user-workstation,10.0.2.15,aa:bb:cc:dd:ee:ff,54321,,,,,,,,Other,,
+e59abb33-de21-421b-8306-241917e0d20e,2026-02-02T20:29:39.641Z,New network connection opened.,1,NetworkSession,Start,Success,Medium,ExampleNetworkMonitor,ExampleCorp,NetworkSession,0.2.6,2026-02-02T20:29:39.641Z,2026-02-02T20:29:39.641Z,ASimNetworkSessionLogs,"{""OCSF"":{""connection_info"":{""direction"":""Inbound"",""protocol_name"":""TCP""},""dst_endpoint"":{""hostname"":""webserver.example.com"",""ip"":""10.0.7.100"",""port"":443},""message"":""New network connection opened."",""metadata"":{""log_provider"":""network-monitor"",""product"":{},""version"":""1.3.0""},""severity"":""Medium"",""severity_id"":2,""src_endpoint"":{""hostname"":""client-001"",""ip"":""192.168.1.50"",""port"":52341},""time"":1770064179641,""timezone_offset"":0,""traffic"":{""bytes_in"":1024,""bytes_out"":2048,""packets_in"":10,""packets_out"":15},""type_name"":""Network Activity: Open"",""type_uid"":400101},""_ConnectorId"":""SynqlySentinelASIMConnector""}",,,,,,ExampleNetworkMonitor,Allow,,,10.0.7.100,Other,webserver.example.com,webserver,10.0.7.100,443,Medium,4.0.0,,,,,Inbound,TCP,,,,192.168.1.50,Other,client-001.example.com,client-001,192.168.1.50,,52341,,,,,,,,Other,,
+e59abb33-de21-421b-8306-241917e0d20e,2026-02-02T20:29:39.644Z,Process launched,1,ProcessCreated,,Unknown,Informational,Endpoint Detection and Response,Example Corp,ProcessEvent,0.1.4,2026-02-02T20:29:39.644Z,2026-02-02T20:29:39.644Z,ASimProcessEventLogs,"{""OCSF"":{""actor"":{""process"":{""cmd_line"":""/bin/bash"",""name"":""bash"",""pid"":1000},""user"":{""name"":""developer""}},""category_uid"":1,""class_name"":""Process Activity"",""class_uid"":1007,""message"":""Process launched"",""metadata"":{""log_provider"":""edr-agent"",""product"":{},""version"":""1.3.0""},""process"":{""cmd_line"":""python3 script.py"",""name"":""python3"",""pid"":5678},""severity"":""Informational"",""severity_id"":1,""time"":1770064179644,""timezone_offset"":0,""type_name"":""Process Activity: Launch"",""type_uid"":100701},""_ConnectorId"":""SynqlySentinelASIMConnector""}",,,,,,,,dev-workstation,10.0.8.30,,,,,,Informational,5.1.0,,,,,,,,,,,,,,,,,,python3 script.py,5678,python3,,,developer,,,,
+e59abb33-de21-421b-8306-241917e0d20e,2026-02-02T20:29:39.605Z,User account created,1,UserCreated,,Unknown,Informational,User Management System,Example Corp,UserManagement,0.1.1,2026-02-02T20:29:39.605Z,2026-02-02T20:29:39.605Z,ASimUserManagementActivityLogs,"{""OCSF"":{""actor"":{""user"":{""credential_uid"":""credential-789"",""email_addr"":""sanitized@sanitized.com""}},""category_uid"":3,""class_name"":""Account Change"",""class_uid"":3001,""message"":""User account created"",""metadata"":{""log_provider"":""identity-provider"",""product"":{},""version"":""1.3.0""},""severity"":""Informational"",""severity_id"":1,""src_endpoint"":{""name"":""admin-laptop"",""port"":54321},""time"":1770064179605,""timezone_offset"":0,""type_name"":""Account Change: Create"",""type_uid"":300101,""user"":{""email_addr"":""sanitized@sanitized.com""}},""_ConnectorId"":""SynqlySentinelASIMConnector""}",admin-user-123,Other,Other,admin,Simple,,,,,,,,,,,Informational,2.5.1,,,10.0.0.15,,,,,,,admin-workstation,Other,admin-workstation,admin-workstation,10.0.0.15,,,Regular,,,new-user-456,Other,jane.doe,Simple,Regular,,admin
+e59abb33-de21-421b-8306-241917e0d20e,2026-02-02T20:29:39.664Z,Web access request,1,HTTPSession,,Unknown,Informational,Web Application Firewall,Example Corp,WebSession,0.2.6,2026-02-02T20:29:39.664Z,2026-02-02T20:29:39.664Z,ASimWebSessionLogs,"{""OCSF"":{""category_uid"":4,""class_name"":""HTTP Activity"",""class_uid"":4002,""dst_endpoint"":{""hostname"":""webapp.example.com"",""ip"":""10.0.11.100"",""port"":443},""http_request"":{""http_method"":""GET"",""url"":{""hostname"":""webapp.example.com"",""path"":""/api/data"",""scheme"":""https""}},""http_response"":{""code"":200},""message"":""Web access request"",""metadata"":{""log_provider"":""waf"",""product"":{},""version"":""1.3.0""},""severity"":""Informational"",""severity_id"":1,""src_endpoint"":{""hostname"":""client-browser"",""ip"":""192.168.2.100"",""port"":54000},""time"":1770064179664,""timezone_offset"":0,""type_name"":""HTTP Activity: Traffic"",""type_uid"":400201},""_ConnectorId"":""SynqlySentinelASIMConnector""}",,,,,,Web Application Firewall,,,10.0.11.100,10.0.11.100,Other,webapp.example.com,webapp,10.0.11.100,443,Informational,3.5.0,GET,200,,,,,,,,192.168.2.100,Other,client-browser,client-browser,192.168.2.100,,54000,,,,,,,,,,https://webapp.example.com/api/data,