CMDB classes targeted in the Service Graph Connector for Microsoft Defender for IoT (On-premises Management Console)
When you complete the guided setup, you can configure the integration to periodically pull data from a Microsoft Defender for IoT (On-premises Management Console) project. The data is saved in tables that extend from the Configuration item [cmdb_ci] table.
Computer [cmdb_ci_computer]
The following attributes in the Computer [cmdb_ci_computer] table are populated by collected data:
| Attribute label | Attribute name |
|---|---|
| Most recent discovery | last_discovered |
| Operating System | os |
| OS Address Width (bits) | os_address_width |
| OS Domain | os_domain |
| OS Version | os_version |
External system metadata [cmdb_key_value_v2]
The following attributes in the External system metadata [cmdb_key_value_v2] table are populated by collected data:
| Attribute label | Attribute name |
|---|---|
| Discovery source | discovery_source |
| Key | key |
| Source key | source_key |
| String value | string_value |
| URL value | url_value |
| Value type | value_type |
Hardware [cmdb_ci_hardware]
The following attributes in the Hardware [cmdb_ci_hardware] table are populated by collected data:
| Attribute label | Attribute name |
|---|---|
| Class | sys_class_name |
| Model number | model_number |
| Most recent discovery | last_discovered |
| Location | location |
| Model ID | model_id |
| Manufacturer | manufacturer |
| First discovered | first_discovered |
| Owned by | owned_by |
| Approval group | change_control |
| Managed By Group | managed_by_group |
| Managed by | managed_by |
| Name | name |
| Company | company |
| Support group | support_group |
| Change Group | assignment_group |
| Assigned to | assigned_to |
| Supported by | supported_by |
| Parent class | Relationship type | Child class |
|---|---|---|
| Hardware [cmdb_ci_hardware] | Owns::Owned by | IP Address [cmdb_ci_ip_address] |
| Hardware [cmdb_ci_hardware] | Owns::Owned by | Network Adapter [cmdb_ci_network_adapter] |
| Hardware [cmdb_ci_hardware] | Reference | External system metadata [cmdb_key_value_v2] |
| Hardware [cmdb_ci_hardware] | Reference | OT Device [cmdb_ot_entity] |
IP Address [cmdb_ci_ip_address]
The following attributes in the IP Address [cmdb_ci_ip_address] table are populated by collected data:
| Attribute label | Attribute name |
|---|---|
| IP Address | ip_address |
| IP version | ip_version |
| Owned By Configuration Item | owned_by_cmdb_ci |
| Parent class | Relationship type | Child class |
|---|---|---|
| IP Address [cmdb_ci_ip_address] | Reference | Network Intrusion Detection System [cmdb_ci_nids] |
| IP Address [cmdb_ci_ip_address] | Reference | Hardware [cmdb_ci_hardware] |
Network Adapter [cmdb_ci_network_adapter]
The following attributes in the Network Adapter [cmdb_ci_network_adapter] table are populated by collected data:
| Attribute label | Attribute name |
|---|---|
| MAC Address | mac_address |
| Name | name |
| Discovery source | discovery_source |
| Parent class | Relationship type | Child class |
|---|---|---|
| Network Adapter [cmdb_ci_network_adapter] | Reference | Network Intrusion Detection System [cmdb_ci_nids] |
| Network Adapter [cmdb_ci_network_adapter] | Reference | Hardware [cmdb_ci_hardware] |
Network Intrusion Detection System [cmdb_ci_nids]
The following attributes in the Network Intrusion Detection System [cmdb_ci_nids] table are populated by collected data:
| Attribute label | Attribute name |
|---|---|
| First discovered | first_discovered |
| NIDS source name | source_name |
| Life Cycle Stage | life_cycle_stage |
| Life Cycle Stage Status | life_cycle_stage_status |
| Name | name |
| Correlation ID | correlation_id |
| Firmware version | firmware_version |
| Fully qualified domain name | fqdn |
| NIDS assignment zone | zone |
| NIDS manager connection state | connection_state |
| Validated | validated |
| Manufacturer | manufacturer |
| Parent class | Relationship type | Child class |
|---|---|---|
| Network Intrusion Detection System [cmdb_ci_nids] | Detects::Detected by | Hardware [cmdb_ci_hardware] |
| Network Intrusion Detection System [cmdb_ci_nids] | Owns::Owned by | IP Address [cmdb_ci_ip_address] |
| Network Intrusion Detection System [cmdb_ci_nids] | Owns::Owned by | Network Adapter [cmdb_ci_network_adapter] |
Operational Technology (OT) [cmdb_ci_ot]
The following attributes in the Operational Technology (OT) [cmdb_ci_ot] table are populated by collected data:
| Attribute label | Attribute name |
|---|---|
| Most recent discovery | last_discovered |
OT Control Module [cmdb_ci_ot_control_module]
The following attributes in the OT Control Module [cmdb_ci_ot_control_module] table are populated by collected data:
| Attribute label | Attribute name |
|---|---|
| Vendor | vendor |
| Support group | support_group |
| Serial number | serial_number |
| Class | sys_class_name |
| First discovered | first_discovered |
| Approval group | change_control |
| Managed by | managed_by |
| Managed By Group | managed_by_group |
| Change Group | assignment_group |
| Company | company |
| Rack number | rack_number |
| Slot number | slot_number |
| Location | location |
| Name | name |
| Firmware version | firmware_version |
| Most recent discovery | last_discovered |
| Assigned to | assigned_to |
| Owned by | owned_by |
| Supported by | supported_by |
| Model ID | model_id |
| Parent class | Relationship type | Child class |
|---|---|---|
| OT Control Module [cmdb_ci_ot_control_module] | Reference | OT Device [cmdb_ot_entity] |
OT Control System [cmdb_ci_ot_control]
The following attributes in the OT Control System [cmdb_ci_ot_control] table are populated by collected data:
| Attribute label | Attribute name |
|---|---|
| Has module | has_module |
| Most recent discovery | last_discovered |
| Parent class | Relationship type | Child class |
|---|---|---|
| OT Control System [cmdb_ci_ot_control] | Owns::Owned by | OT Control Module [cmdb_ci_ot_control_module] |
OT Device [cmdb_ot_entity]
The following attributes in the OT Device [cmdb_ot_entity] table are populated by collected data:
| Attribute label | Attribute name |
|---|---|
| ISA entity site | isa_entity_site |
| OT discovery source ID | ot_correlation_id |
| Device criticality | business_criticality |
| Purdue level | purdue_level |
| Zone | zone |
| OT device type | ot_asset_type |
PLC [cmdb_ci_ot_plc]
The following attributes in the PLC [cmdb_ci_ot_plc] table are populated by collected data:
| Attribute label | Attribute name |
|---|---|
| Most recent discovery | last_discovered |
| Switch position | switch_position |
| Switch remote | switch_remote_mode |
Serial Number [cmdb_serial_number]
The following attributes in the Serial Number [cmdb_serial_number] table are populated by collected data:
| Attribute label | Attribute name |
|---|---|
| Serial Number | serial_number |
| Serial Number Type | serial_number_type |
| Valid | valid |
| Parent class | Relationship type | Child class |
|---|---|---|
| Serial Number [cmdb_serial_number] | Reference | Hardware [cmdb_ci_hardware] |
| Network Adapter [cmdb_ci_network_adapter] | Reference | Hardware [cmdb_ci_hardware] |