Aug 04 2021
08:09 AM
- last edited on
Nov 03 2021
03:58 AM
by
TechCommunityAP
Aug 04 2021
08:09 AM
- last edited on
Nov 03 2021
03:58 AM
by
TechCommunityAP
What's new: ASIM File Activity schema - Microsoft Tech Community
In addition to ASIM advantages: cross source analytics, source agnostic rules, and ease of use, the File Activity Schema lets you write rules that span endpoint, server, and cloud activity. We have included parsers for Sysmon, Microsoft 365 Defender for Endpoint, SharePoint, OneDrive, and Azure Storage. For example: