DeviceTvmSoftwareVulnerabilities

Captures various identity-related events, like password changes, password expiration, and user principal name (UPN) changes.

Table attributes

Attribute Value
Resource types -
Categories Security
Solutions SecurityInsights
Basic log No
Ingestion-time transformation Yes
Sample Queries Yes

Columns

Column Type Description
_BilledSize real The record size in bytes
CveId string Unique identifier assigned to the security vulnerability under the Common Vulnerabilities and Exposures (CVE) system
CveTags dynamic Array of tags relevant to the CVE; example: ZeroDay, NoSecurityUpdate
DeviceId string Unique identifier for the device in the service
DeviceName string Fully qualified domain name (FQDN) of the device
_IsBillable string Specifies whether ingesting the data is billable. When _IsBillable is false ingestion isn't billed to your Azure account
OSArchitecture string Architecture of the operating system running on the machine
OSPlatform string Platform of the operating system running on the device. This indicates specific operating systems, including variations within the same family, such as Windows 10 and Windows 7
OSVersion string Version of the operating system running on the machine
RecommendedSecurityUpdate string Name or description of the security update provided by the software vendor to address the vulnerability
RecommendedSecurityUpdateId string Identifier of the applicable security updates or identifier for the corresponding guidance or knowledge base (KB) articles
SoftwareName string Name of the software product
SoftwareVendor string Name of the software vendor
SoftwareVersion string Version number of the software product
SourceSystem string The type of agent the event was collected by. For example, OpsManager for Windows agent, either direct connect or Operations Manager, Linux for all Linux agents, or Azure for Azure Diagnostics
TenantId string The Log Analytics workspace ID
TimeGenerated datetime Date and time when the record was generated
Type string The name of the table
VulnerabilitySeverityLevel string Severity level assigned to the security vulnerability based on the CVSS score and dynamic factors influenced by the threat landscape