Data Source
Obsidian Datasharing provides aggregated security data and threat intelligence feeds. This connector ingests activity events and threat indicators from the Obsidian platform covering various security domains.
Ingestion Mechanism
CCF/DCR-based connector with custom table schemas for ObsidianActivity and ObsidianThreat data streams. Uses structured data ingestion with comprehensive field mappings for activity tracking and threat intelligence.
Detection Surface Unlocked
Provides visibility into security events, threat indicators, user activities, and security control effectiveness. The platform aggregates data from multiple security sources to provide unified visibility and threat correlation capabilities.
Table Schemas
- ObsidianActivity: Activity events with ASIM-compatible fields for user actions, device information, and event metadata
- ObsidianThreat: Threat intelligence indicators with threat classification, confidence levels, and contextual information
Affected Files
Solutions/Obsidian Datasharing/Data Connectors/ObsidianDatasharing_CCP/ObsidianDatasharing_ConnectorDefinition.json Solutions/Obsidian Datasharing/Data Connectors/ObsidianDatasharing_CCP/ObsidianDatasharing_DCR.json Solutions/Obsidian Datasharing/Data Connectors/ObsidianDatasharing_CCP/ObsidianDatasharing_PollerConfig.json (packaging artefacts: mainTemplate.json, createUiDefinition.json, solution metadata)