poltys.blogg.se

Azure sentinel aws equivalent














The possible values are: IPv4, IPv6, and EFA. The path that egress traffic takes to the destination. This value will be the same as 'start' input field or the data arrival time to Azure Monitor in case the 'start' input field is empty or missing. The timestamp (UTC) of when the event was generated. The bitmask value for the following TCP flags. The type of sublocation that is returned in the sublocationId field. Performance, TCO, and price-performance claims based on data from a study commissioned by Microsoft and. Implementing an end-to-end analytics solution in Azure costs up to 49 percent less compared to Google. Azure outperforms Google in both the medium and large enterprise TCO comparisons. The ID of the sublocation that contains the network interface for which traffic is recorded. Compare cloud analytics TCO for Azure and Google. The Region that contains the network interface for which traffic is recorded. The name of the subset of IP address ranges for the PktSrcAddr field, if the source IP address is for an AWS service. The packet-level (original) source IP address of the traffic. The name of the subset of IP address ranges for the PktDstAddr field, if the destination IP address is for an AWS service. The packet-level (original) destination IP address for the traffic. The number of packets transferred during the flow. The ID of the network interface for which the traffic is recorded. Uses user behavior analytics (UBA) and other AWS APIs to monitor sessions and users and to support information protection. Helps monitor and protect sessions after sign-in. The ID of the instance that's associated with the network interface for which the traffic is recorded. Defender for Cloud Apps: Integrates with the Azure AD conditional access feature to enforce additional restrictions. The direction of the flow with respect to the interface where traffic is captured. The time when the last packet of the flow was received within the aggregation interval.
The destination address for outgoing traffic. The number of bytes transferred during the flow. The action that is associated with the traffic. If the network interface is created by an AWS service, for example when creating a VPC endpoint or Network Load Balancer, the record may display unknown for this field. The AWS account ID of the owner of the source network interface for which traffic is recorded. VPC Flow Logs, which are ingested through Sentinel's connector, enable you to capture IP traffic going to and from your AWS VPC network interfaces.














