Obsidian Security
Obsidian Security provides threat detection and response for SaaS environments, focusing on monitoring user behavior and detecting account compromise or insider threats. Obsidian Security logs capture detailed activity across SaaS applications, including user access, permissions changes, anomalous behavior, and potential security incidents. These logs help organizations detect threats, enforce security policies, and safeguard against unauthorized access or data breaches.
Ingest Method
This source uses am HTTP webhook to ingest events. Create the source in RunReveal and a new webhook URL will be generated. Use this URL when setting up your source.
Setup
Once you copy this webhook URL, add it to your obsidian organization to receive event logs.
Schema
The following columns are exposed for this source. RunReveal applies schema normalization across all sources, ensuring uniform field names and data types for cross-source queries and reusable detection logic.
Table: runreveal_logs (22 columns)
runreveal_logs (22 columns)| Column | Type |
|---|---|
id | String |
receivedAt | DateTime |
workspaceID | String |
sourceType | String |
sourceID | String |
eventID | String |
eventName | String |
eventTime | DateTime |
readOnly | Bool |
srcIP | String |
resources | Array(String) |
serviceName | String |
srcASOrganization | Nullable(String) |
srcASNumber | Nullable(UInt32) |
srcASCountryCode | Nullable(String) |
dstIP | String |
dstASOrganization | Nullable(String) |
dstASNumber | Nullable(UInt32) |
dstASCountryCode | Nullable(String) |
actor | Map(String, String) |
tags | Map(String, String) |
rawLog | String |