Azure-Sentinel/Parsers/ASimWebSession/Tests/Fortinet_FortiGate_ASimWebSession_SchemaTest.csv at 6fd4882d0b2706cc1d69f5b7c4e0ce402dbca528 · t-pol/Azure-Sentinel · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
Result
"(0) Error: Missing recommended alias [HttpStatusCode] aliasing existing column [EventResultDetails]"
"(1) Warning: Missing recommended field [ASimMatchingIpAddr]"
"(1) Warning: Missing recommended field [DvcDomain]"
"(1) Warning: Missing recommended field [DvcIpAddr]"
"(1) Warning: Missing recommended field [SrcDomain]"
"(2) Info: Missing optional alias [Hash] aliasing non-existent column [MD5|SHA1|SHA256|SHA512]"
"(2) Info: Missing optional alias [InnerVlanId] aliasing non-existent column [SrcVlanId]"
"(2) Info: Missing optional alias [OuterVlanId] aliasing non-existent column [DstVlanId]"
"(2) Info: Missing optional field [AdditionalFields]"
"(2) Info: Missing optional field [DstAppId]"
"(2) Info: Missing optional field [DstAppName]"
"(2) Info: Missing optional field [DstAppType]"
"(2) Info: Missing optional field [DstDescription]"
"(2) Info: Missing optional field [DstDeviceType]"
"(2) Info: Missing optional field [DstDomain]"
"(2) Info: Missing optional field [DstDvcId]"
"(2) Info: Missing optional field [DstFQDN]"
"(2) Info: Missing optional field [DstGeoCity]"
"(2) Info: Missing optional field [DstGeoLatitude]"
"(2) Info: Missing optional field [DstGeoLongitude]"
"(2) Info: Missing optional field [DstGeoRegion]"
"(2) Info: Missing optional field [DstInterfaceGuid]"
"(2) Info: Missing optional field [DstMacAddr]"
"(2) Info: Missing optional field [DstNatIpAddr]"
"(2) Info: Missing optional field [DstNatPortNumber]"
"(2) Info: Missing optional field [DstOriginalUserType]"
"(2) Info: Missing optional field [DstUserId]"
"(2) Info: Missing optional field [DstUserType]"
"(2) Info: Missing optional field [DstVlanId]"
"(2) Info: Missing optional field [DvcDescription]"
"(2) Info: Missing optional field [DvcFQDN]"
"(2) Info: Missing optional field [DvcInboundInterface]"
"(2) Info: Missing optional field [DvcMacAddr]"
"(2) Info: Missing optional field [DvcOutboundInterface]"
"(2) Info: Missing optional field [DvcScopeId]"
"(2) Info: Missing optional field [DvcScope]"
"(2) Info: Missing optional field [DvcZone]"
"(2) Info: Missing optional field [EventOriginalResultDetails]"
"(2) Info: Missing optional field [EventOriginalSubType]"
"(2) Info: Missing optional field [EventOriginalType]"
"(2) Info: Missing optional field [EventOriginalUid]"
"(2) Info: Missing optional field [EventOwner]"
"(2) Info: Missing optional field [EventReportUrl]"
"(2) Info: Missing optional field [EventSubType]"
"(2) Info: Missing optional field [FileContentType]"
"(2) Info: Missing optional field [FileMD5]"
"(2) Info: Missing optional field [FileName]"
"(2) Info: Missing optional field [FileSHA1]"
"(2) Info: Missing optional field [FileSHA256]"
"(2) Info: Missing optional field [FileSHA512]"
"(2) Info: Missing optional field [FileSize]"
"(2) Info: Missing optional field [HttpContentFormat]"
"(2) Info: Missing optional field [HttpContentType]"
"(2) Info: Missing optional field [HttpCookie]"
"(2) Info: Missing optional field [HttpHost]"
"(2) Info: Missing optional field [HttpIsProxied]"
"(2) Info: Missing optional field [HttpRequestBodyBytes]"
"(2) Info: Missing optional field [HttpRequestCacheControl]"
"(2) Info: Missing optional field [HttpRequestHeaderCount]"
"(2) Info: Missing optional field [HttpRequestTime]"
"(2) Info: Missing optional field [HttpResponseBodyBytes]"
"(2) Info: Missing optional field [HttpResponseCacheControl]"
"(2) Info: Missing optional field [HttpResponseExpires]"
"(2) Info: Missing optional field [HttpResponseHeaderCount]"
"(2) Info: Missing optional field [HttpResponseTime]"
"(2) Info: Missing optional field [HttpVersion]"
"(2) Info: Missing optional field [NetworkConnectionHistory]"
"(2) Info: Missing optional field [NetworkDirection]"
"(2) Info: Missing optional field [NetworkIcmpCode]"
"(2) Info: Missing optional field [NetworkIcmpType]"
"(2) Info: Missing optional field [RuleName]"
"(2) Info: Missing optional field [SrcAppId]"
"(2) Info: Missing optional field [SrcAppName]"
"(2) Info: Missing optional field [SrcAppType]"
"(2) Info: Missing optional field [SrcDescription]"
"(2) Info: Missing optional field [SrcDeviceType]"
"(2) Info: Missing optional field [SrcDvcId]"
"(2) Info: Missing optional field [SrcFQDN]"
"(2) Info: Missing optional field [SrcGeoCity]"
"(2) Info: Missing optional field [SrcGeoLatitude]"
"(2) Info: Missing optional field [SrcGeoLongitude]"
"(2) Info: Missing optional field [SrcGeoRegion]"
"(2) Info: Missing optional field [SrcInterfaceGuid]"
"(2) Info: Missing optional field [SrcMacAddr]"
"(2) Info: Missing optional field [SrcNatIpAddr]"
"(2) Info: Missing optional field [SrcNatPortNumber]"
"(2) Info: Missing optional field [SrcOriginalUserType]"
"(2) Info: Missing optional field [SrcUserId]"
"(2) Info: Missing optional field [SrcUserType]"
"(2) Info: Missing optional field [SrcVlanId]"
"(2) Info: Missing optional field [ThreatCategory]"
"(2) Info: Missing optional field [ThreatConfidence]"
"(2) Info: Missing optional field [ThreatField]"
"(2) Info: Missing optional field [ThreatFirstReportedTime]"
"(2) Info: Missing optional field [ThreatId]"
"(2) Info: Missing optional field [ThreatIpAddr]"
"(2) Info: Missing optional field [ThreatIsActive]"
"(2) Info: Missing optional field [ThreatLastReportedTime]"
"(2) Info: Missing optional field [ThreatName]"
"(2) Info: Missing optional field [ThreatOriginalConfidence]"
"(2) Info: Missing optional field [ThreatRiskLevel]"
"(2) Info: Missing optional field [UrlOriginal]"