deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-16 19:03:46 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

fix table

Browse Source
This commit is contained in:
jcaparas
2017-05-24 19:14:01 -07:00
parent 226c375d50
commit 174e938e0c
1 changed files with 4 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
windows/threat-protection/windows-defender-atp/api-portal-mapping-windows-defender-advanced-threat-protection.md
View File

@ -28,7 +28,7 @@ Understand what data fields are exposed as part of the alerts API and how they m
Field numbers match the numbers in the images below.
Portal label | SIEM field name | ArcSight field| Example value | Description
:---|:---|:---
:---|:---|:---|:---|:---
1 | AlertTitle | name | A dll was unexpectedly loaded into a high integrity process without a UAC prompt | Value available for every alert.
2 | Severity | deviceSeverity | Medium | Value available for every alert.
3 | Category | deviceEventCategory | Privilege Escalation | Value available for every alert.
@ -62,11 +62,11 @@ Portal label | SIEM field name | ArcSight field| Example value | Description
![Image of alert with numbers](images/atp-siem-mapping1.png)
![Image of alert details pane with numbers](images/atp-mapping2.png)
![Image of alert details pane with numbers](images/atp-siem-mapping2.png)
![Image of alert timeline with numbers](images/atp-mapping3.png)
![Image of alert timeline with numbers](images/atp-siem-mapping3.png)
![Image of alert timeline with numbers](images/atp-mapping4.png)
![Image of alert timeline with numbers](images/atp-siem-mapping4.png)
![Image browser URL](images/atp-mapping5.png)