From 1cc12dbabe9f982d0bf5dfaaddc1e944dab42e09 Mon Sep 17 00:00:00 2001
From: Manuel Melendez
Date: Wed, 8 Nov 2023 15:41:03 -0800
Subject: [PATCH] Merge pull request #9037 from Azure/v-sabiraj-insiderriskmanagement Required items, please complete Change(s): - Diana and Manny created a custom table for DeviceInfo Reason for Change(s): - To prevent merging problems from another PR which calls DeviceInfo in a detection query Version Updated: - No Testing Completed: - No Checked that the validations are passing and have addressed any issues that are present: - No
---
.../CustomTables/DeviceInfo.json | 141 ++++++++++++++++++
1 file changed, 141 insertions(+)
create mode 100644 .script/tests/KqlvalidationsTests/CustomTables/DeviceInfo.json
diff --git a/.script/tests/KqlvalidationsTests/CustomTables/DeviceInfo.json b/.script/tests/KqlvalidationsTests/CustomTables/DeviceInfo.json
new file mode 100644
index 00000000000..63330ca3870
--- /dev/null
+++ b/.script/tests/KqlvalidationsTests/CustomTables/DeviceInfo.json
@@ -0,0 +1,141 @@
+{
+ "Name":"DeviceInfo",
+ "Properties":[
+ {
+ "Name": "Timestamp",
+ "Type": "datetime"
+ },
+ {
+ "Name": "DeviceId",
+ "Type": "string"
+ },
+ {
+ "Name": "DeviceName",
+ "Type": "string"
+ },
+ {
+ "Name": "ClientVersion",
+ "Type": "string"
+ },
+ {
+ "Name": "PublicIP",
+ "Type": "string"
+ },
+ {
+ "Name": "OSArchitecture",
+ "Type": "string"
+ },
+ {
+ "Name": "OSPlatform",
+ "Type": "string"
+ },
+ {
+ "Name": "OSBuild",
+ "Type": "string"
+ },
+ {
+ "Name": "IsAzureADJoined",
+ "Type": "bool"
+ },
+ {
+ "Name": "AadDeviceId",
+ "Type": "string"
+ },
+ {
+ "Name": "LoggedOnUsers",
+ "Type": "string"
+ },
+ {
+ "Name": "RegistryDeviceTag",
+ "Type": "string"
+ },
+ {
+ "Name": "OSVersion",
+ "Type": "string"
+ },
+ {
+ "Name": "MachineGroup",
+ "Type": "string"
+ },
+ {
+ "Name": "ReportId",
+ "Type": "string"
+ },
+ {
+ "Name": "OnboardingStatus",
+ "Type": "string"
+ },
+ {
+ "Name": "AdditionalFields",
+ "Type": "string"
+ },
+ {
+ "Name": "DeviceCategory",
+ "Type": "string"
+ },
+ {
+ "Name": "DeviceType",
+ "Type": "string"
+ },
+ {
+ "Name": "DeviceSubtype",
+ "Type": "string"
+ },
+ {
+ "Name": "Model",
+ "Type": "string"
+ },
+ {
+ "Name": "Vendor",
+ "Type": "string"
+ },
+ {
+ "Name": "OSDistribution",
+ "Type": "string"
+ },
+ {
+ "Name": "OSVersionInfo",
+ "Type": "string"
+ },
+ {
+ "Name": "MergedDeviceIds",
+ "Type": "string"
+ },
+ {
+ "Name": "MergedToDeviceId",
+ "Type": "string"
+ },
+ {
+ "Name": "SensorHealthState",
+ "Type": "string"
+ },
+ {
+ "Name": "IsExcluded",
+ "Type": "bool"
+ },
+ {
+ "Name": "ExclusionReason",
+ "Type": "string"
+ },
+ {
+ "Name": "AssetValue",
+ "Type": "string"
+ },
+ {
+ "Name": "ExposureLevel",
+ "Type": "string"
+ },
+ {
+ "Name": "IsInternetFacing",
+ "Type": "bool"
+ },
+ {
+ "Name": "DeviceManualTags",
+ "Type": "string"
+ },
+ {
+ "Name": "DeviceDynamicTags",
+ "Type": "string"
+ }
+ ]
+ }
\ No newline at end of file
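Review bot: Several `Type` values in `Properties` look flattened to `string` where the production DeviceInfo table, as far as I know, uses richer types: `LoggedOnUsers` and `AdditionalFields` are `dynamic`, and `OSBuild` and `ReportId` are `long`. Please confirm against the workspace schema before relying on this fixture. If those types do differ, the KQL validator checks detection queries against the wrong column types, so a query that indexes into `LoggedOnUsers` or compares `OSBuild` numerically could be rejected here, and a query written to suit the fixture could fail or match nothing in production. The list also has `Timestamp` but no `TimeGenerated`, so unless the validator injects that column itself, I would add `{ "Name": "TimeGenerated", "Type": "datetime" }` and change the affected entries to e.g. `"Type": "dynamic"`.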