Merge pull request #313029 from yummyblabla/derricklee/add-entity-refs

JillGrant615 · web-flow · commit a112e4b952f8 · 2026-03-11T17:41:15.000-06:00
[ASIM] Clarify entity schemas in doc
diff --git a/articles/sentinel/TOC.yml b/articles/sentinel/TOC.yml
@@ -974,6 +974,8 @@
           href: normalization-known-issues.md
         - name: ASIM entities
           items:
+            - name: ASIM asset entity schema
+              href: normalization-schema-asset.md
             - name: ASIM user entity
               href: normalization-entity-user.md
             - name: ASIM device entity
@@ -984,16 +986,14 @@
           items:
             - name: ASIM alert event schema
               href: normalization-schema-alert.md
-            - name: ASIM asset entity schema
-              href: normalization-schema-asset.md
             - name: ASIM audit event schema
               href: normalization-schema-audit.md
             - name: ASIM authentication schema
               href: normalization-schema-authentication.md
-            - name: ASIM DNS schema
-              href: normalization-schema-dns.md
             - name: ASIM DHCP schema
               href: normalization-schema-dhcp.md
+            - name: ASIM DNS schema
+              href: normalization-schema-dns.md
             - name: ASIM file event schema
               href: normalization-schema-file-event.md
             - name: ASIM network session schema
diff --git a/articles/sentinel/normalization-about-schemas.md b/articles/sentinel/normalization-about-schemas.md
@@ -43,6 +43,8 @@ ASIM currently defines the following schemas for entities:
 | ------ | --------------------- | ------- | ------ |
 | [Asset Entity](normalization-schema-asset.md) | `AssetEntity` | 0.1.0 | GA |
 
+For entities which are part of other ASIM schemas, refer to [Event Entities](#event-entities).
+
 ## Field naming
 
 At the core of each schema are its field names. Field names belong to the following groups:
@@ -86,6 +88,9 @@ For more information about specific entity types, refer to:
 - [Device Entity](normalization-entity-device.md)
 - [Application Entity](normalization-entity-application.md)
 
+For more information about full entity schemas, refer to:
+- [Asset Entity Schema](normalization-schema-asset.md)
+
 ## Aliases
 
  Aliases allow multiple names for a specified value. In some cases, different users expect a field to have different names. For example, in DNS terminology, you might expect a field named [DnsQuery](normalization-schema-dns.md#query), while more generally, it holds a domain name. The alias [Domain](normalization-schema-dns.md#domain) helps the user by allowing the use of both names. 
