ASIM
The Advanced Security Information Model is a layer between the data and the user to configure what and how to ingest data from a source and to route it to a destination. ASIM provides standardization for security-focused log data.
Available ASIM Tables
| Table | Schema Version | Description |
|---|---|---|
ASimAlertEventLogs | 0.1 | Security alerts from various products |
ASimAuditEventLogs | 0.1 | Audit events and administrative actions |
ASimAuthenticationEventLogs | 0.1.3 | Authentication and logon events |
ASimDhcpEventLogs | 0.1 | DHCP address assignment events |
ASimDnsActivityLogs | 0.1.7 | DNS query and response events |
ASimFileEventLogs | 0.2.1 | File system activity events |
ASimNetworkSessionLogs | 0.2.6 | Network connection and session events |
ASimProcessEventLogs | 0.1.4 | Process creation and termination events |
ASimRegistryEventLogs | 0.1.2 | Windows registry modification events |
ASimUserManagementActivityLogs | 0.1 | User account management events |
ASimWebSessionLogs | 0.2.6 | Web browsing and HTTP session events |