Log Analytics: Threat Intelligence indicators for threats detected in logs

Log Analytics now displays Threat Intelligence information through indicators such as Type, Overall confidence, Last reported, First reported, Most recently reported by, Geolocation, OCID, and Indicator history. These indicators are available for you to analyze and mitigate the threat detected with the Threat IPs field in the logs.

To view the threat intelligence information in your logs, first set up the geolocation field enrichment, and enable the option for threat intelligence enrichment. For detailed steps, see Use the Geolocation Field for Grouping Logs.

For more information about the indicators, see Threat Intelligence Indicators.