change to CommonSecurityLog to get it to work
This commit is contained in:
craigtattan
Родитель
0ea34315d6
Коммит
278515f17c
|
|
@ -7,26 +7,26 @@
|
|||
{
|
||||
"metricName": "Total data received",
|
||||
"legend": "ibossUrlEvent",
|
||||
"baseQuery": "ibossUrlEvent | where AdditionalExtensions !contains \"amaExternalLogService=true\""
|
||||
"baseQuery": "CommonSecurityLog | where DeviceVendor =~ 'iboss' and AdditionalExtensions !contains 'amaExternalLogService=true'"
|
||||
}
|
||||
],
|
||||
"sampleQueries": [
|
||||
{
|
||||
"description": "Logs Received from the past week",
|
||||
"query": "ibossUrlEvent | where TimeGenerated > ago(7d) and AdditionalExtensions !contains \"amaExternalLogService=true\""
|
||||
"query": "CommonSecurityLog | where DeviceVendor =~ 'iboss' and TimeGenerated > ago(7d) and AdditionalExtensions !contains 'amaExternalLogService=true'"
|
||||
}
|
||||
],
|
||||
"dataTypes": [
|
||||
{
|
||||
"name": "ibossUrlEvent",
|
||||
"lastDataReceivedQuery": "ibossUrlEvent\n| where AdditionalExtensions !contains \"amaExternalLogService=true\"\n| summarize Time = max(TimeGenerated)\n| where isnotempty(Time)"
|
||||
"lastDataReceivedQuery": "CommonSecurityLog\n| where DeviceVendor =~ 'iboss' and AdditionalExtensions !contains 'amaExternalLogService=true'\n| summarize Time = max(TimeGenerated)\n| where isnotempty(Time)"
|
||||
}
|
||||
],
|
||||
"connectivityCriterias": [
|
||||
{
|
||||
"type": "IsConnectedQuery",
|
||||
"value": [
|
||||
"ibossUrlEvent\n | where AdditionalExtensions !contains \"amaExternalLogService=true\"\n| summarize LastLogReceived = max(TimeGenerated)\n| project IsConnected = LastLogReceived > ago(30d)"
|
||||
"CommonSecurityLog\n | where DeviceVendor =~ 'iboss'\n| summarize LastLogReceived = max(TimeGenerated)\n| project IsConnected = LastLogReceived > ago(30d)"
|
||||
]
|
||||
}
|
||||
],
|
||||
|
|
|
|||
|
|
@ -7,26 +7,26 @@
|
|||
{
|
||||
"metricName": "Total data received",
|
||||
"legend": "ibossUrlEvent",
|
||||
"baseQuery": "ibossUrlEvent\n |where AdditionalExtensions contains \"amaExternalLogService=true\""
|
||||
"baseQuery": "CommonSecurityLog\n |where DeviceVendor =~ 'iboss' and AdditionalExtensions contains 'amaExternalLogService=true'"
|
||||
}
|
||||
],
|
||||
"sampleQueries": [
|
||||
{
|
||||
"description": "Logs Received from the past week",
|
||||
"query": "ibossUrlEvent\n | where TimeGenerated > ago(7d) and AdditionalExtensions contains \"amaExternalLogService=true\""
|
||||
"query": "CommonSecurityLog\n | where DeviceVendor =~ 'iboss' and TimeGenerated > ago(7d) and AdditionalExtensions contains 'amaExternalLogService=true'"
|
||||
}
|
||||
],
|
||||
"dataTypes": [
|
||||
{
|
||||
"name": "ibossUrlEvent",
|
||||
"lastDataReceivedQuery": "ibossUrlEvent\n | where AdditionalExtensions contains \"amaExternalLogService=true\"\n| summarize Time = max(TimeGenerated)\n| where isnotempty(Time)"
|
||||
"lastDataReceivedQuery": "CommonSecurityLog\n | where DeviceVendor =~ 'iboss' and AdditionalExtensions contains 'amaExternalLogService=true'\n| summarize Time = max(TimeGenerated)\n| where isnotempty(Time)"
|
||||
}
|
||||
],
|
||||
"connectivityCriterias": [
|
||||
{
|
||||
"type": "IsConnectedQuery",
|
||||
"value": [
|
||||
"ibossUrlEvent\n |where AdditionalExtensions contains \"amaExternalLogService=true\"\n | summarize LastLogReceived = max(TimeGenerated)\n | project IsConnected = LastLogReceived > ago(30d)"
|
||||
"CommonSecurityLog\n | where DeviceVendor =~ 'iboss'\n| summarize LastLogReceived = max(TimeGenerated)\n| project IsConnected = LastLogReceived > ago(30d)"
|
||||
]
|
||||
}
|
||||
],
|
||||
|
|
|
|||
Двоичные данные
Solutions/iboss/Package/3.1.1.zip
Двоичные данные
Solutions/iboss/Package/3.1.1.zip
Двоичный файл не отображается.
|
|
@ -123,26 +123,26 @@
|
|||
{
|
||||
"metricName": "Total data received",
|
||||
"legend": "ibossUrlEvent",
|
||||
"baseQuery": "ibossUrlEvent | where AdditionalExtensions !contains \"amaExternalLogService=true\""
|
||||
"baseQuery": "CommonSecurityLog | where DeviceVendor =~ 'iboss' and AdditionalExtensions !contains 'amaExternalLogService=true'"
|
||||
}
|
||||
],
|
||||
"sampleQueries": [
|
||||
{
|
||||
"description": "Logs Received from the past week",
|
||||
"query": "ibossUrlEvent | where TimeGenerated > ago(7d) and AdditionalExtensions !contains \"amaExternalLogService=true\""
|
||||
"query": "CommonSecurityLog | where DeviceVendor =~ 'iboss' and TimeGenerated > ago(7d) and AdditionalExtensions !contains 'amaExternalLogService=true'"
|
||||
}
|
||||
],
|
||||
"dataTypes": [
|
||||
{
|
||||
"name": "ibossUrlEvent",
|
||||
"lastDataReceivedQuery": "ibossUrlEvent\n| where AdditionalExtensions !contains \"amaExternalLogService=true\"\n| summarize Time = max(TimeGenerated)\n| where isnotempty(Time)"
|
||||
"lastDataReceivedQuery": "CommonSecurityLog\n| where DeviceVendor =~ 'iboss' and AdditionalExtensions !contains 'amaExternalLogService=true'\n| summarize Time = max(TimeGenerated)\n| where isnotempty(Time)"
|
||||
}
|
||||
],
|
||||
"connectivityCriterias": [
|
||||
{
|
||||
"type": "IsConnectedQuery",
|
||||
"value": [
|
||||
"ibossUrlEvent\n | where AdditionalExtensions !contains \"amaExternalLogService=true\"\n| summarize LastLogReceived = max(TimeGenerated)\n| project IsConnected = LastLogReceived > ago(30d)"
|
||||
"CommonSecurityLog\n | where DeviceVendor =~ 'iboss'\n| summarize LastLogReceived = max(TimeGenerated)\n| project IsConnected = LastLogReceived > ago(30d)"
|
||||
]
|
||||
}
|
||||
],
|
||||
|
|
@ -319,27 +319,27 @@
|
|||
{
|
||||
"metricName": "Total data received",
|
||||
"legend": "ibossUrlEvent",
|
||||
"baseQuery": "ibossUrlEvent | where AdditionalExtensions !contains \"amaExternalLogService=true\""
|
||||
"baseQuery": "CommonSecurityLog | where DeviceVendor =~ 'iboss' and AdditionalExtensions !contains 'amaExternalLogService=true'"
|
||||
}
|
||||
],
|
||||
"dataTypes": [
|
||||
{
|
||||
"name": "ibossUrlEvent",
|
||||
"lastDataReceivedQuery": "ibossUrlEvent\n| where AdditionalExtensions !contains \"amaExternalLogService=true\"\n| summarize Time = max(TimeGenerated)\n| where isnotempty(Time)"
|
||||
"lastDataReceivedQuery": "CommonSecurityLog\n| where DeviceVendor =~ 'iboss' and AdditionalExtensions !contains 'amaExternalLogService=true'\n| summarize Time = max(TimeGenerated)\n| where isnotempty(Time)"
|
||||
}
|
||||
],
|
||||
"connectivityCriterias": [
|
||||
{
|
||||
"type": "IsConnectedQuery",
|
||||
"value": [
|
||||
"ibossUrlEvent\n | where AdditionalExtensions !contains \"amaExternalLogService=true\"\n| summarize LastLogReceived = max(TimeGenerated)\n| project IsConnected = LastLogReceived > ago(30d)"
|
||||
"CommonSecurityLog\n | where DeviceVendor =~ 'iboss'\n| summarize LastLogReceived = max(TimeGenerated)\n| project IsConnected = LastLogReceived > ago(30d)"
|
||||
]
|
||||
}
|
||||
],
|
||||
"sampleQueries": [
|
||||
{
|
||||
"description": "Logs Received from the past week",
|
||||
"query": "ibossUrlEvent | where TimeGenerated > ago(7d) and AdditionalExtensions !contains \"amaExternalLogService=true\""
|
||||
"query": "CommonSecurityLog | where DeviceVendor =~ 'iboss' and TimeGenerated > ago(7d) and AdditionalExtensions !contains 'amaExternalLogService=true'"
|
||||
}
|
||||
],
|
||||
"availability": {
|
||||
|
|
@ -451,26 +451,26 @@
|
|||
{
|
||||
"metricName": "Total data received",
|
||||
"legend": "ibossUrlEvent",
|
||||
"baseQuery": "ibossUrlEvent\n |where AdditionalExtensions contains \"amaExternalLogService=true\""
|
||||
"baseQuery": "CommonSecurityLog\n |where DeviceVendor =~ 'iboss' and AdditionalExtensions contains 'amaExternalLogService=true'"
|
||||
}
|
||||
],
|
||||
"sampleQueries": [
|
||||
{
|
||||
"description": "Logs Received from the past week",
|
||||
"query": "ibossUrlEvent\n | where TimeGenerated > ago(7d) and AdditionalExtensions contains \"amaExternalLogService=true\""
|
||||
"query": "CommonSecurityLog\n | where DeviceVendor =~ 'iboss' and TimeGenerated > ago(7d) and AdditionalExtensions contains 'amaExternalLogService=true'"
|
||||
}
|
||||
],
|
||||
"dataTypes": [
|
||||
{
|
||||
"name": "ibossUrlEvent",
|
||||
"lastDataReceivedQuery": "ibossUrlEvent\n | where AdditionalExtensions contains \"amaExternalLogService=true\"\n| summarize Time = max(TimeGenerated)\n| where isnotempty(Time)"
|
||||
"lastDataReceivedQuery": "CommonSecurityLog\n | where DeviceVendor =~ 'iboss' and AdditionalExtensions contains 'amaExternalLogService=true'\n| summarize Time = max(TimeGenerated)\n| where isnotempty(Time)"
|
||||
}
|
||||
],
|
||||
"connectivityCriterias": [
|
||||
{
|
||||
"type": "IsConnectedQuery",
|
||||
"value": [
|
||||
"ibossUrlEvent\n |where AdditionalExtensions contains \"amaExternalLogService=true\"\n | summarize LastLogReceived = max(TimeGenerated)\n | project IsConnected = LastLogReceived > ago(30d)"
|
||||
"CommonSecurityLog\n | where DeviceVendor =~ 'iboss'\n| summarize LastLogReceived = max(TimeGenerated)\n| project IsConnected = LastLogReceived > ago(30d)"
|
||||
]
|
||||
}
|
||||
],
|
||||
|
|
@ -630,27 +630,27 @@
|
|||
{
|
||||
"metricName": "Total data received",
|
||||
"legend": "ibossUrlEvent",
|
||||
"baseQuery": "ibossUrlEvent\n |where AdditionalExtensions contains \"amaExternalLogService=true\""
|
||||
"baseQuery": "CommonSecurityLog\n |where DeviceVendor =~ 'iboss' and AdditionalExtensions contains 'amaExternalLogService=true'"
|
||||
}
|
||||
],
|
||||
"dataTypes": [
|
||||
{
|
||||
"name": "ibossUrlEvent",
|
||||
"lastDataReceivedQuery": "ibossUrlEvent\n | where AdditionalExtensions contains \"amaExternalLogService=true\"\n| summarize Time = max(TimeGenerated)\n| where isnotempty(Time)"
|
||||
"lastDataReceivedQuery": "CommonSecurityLog\n | where DeviceVendor =~ 'iboss' and AdditionalExtensions contains 'amaExternalLogService=true'\n| summarize Time = max(TimeGenerated)\n| where isnotempty(Time)"
|
||||
}
|
||||
],
|
||||
"connectivityCriterias": [
|
||||
{
|
||||
"type": "IsConnectedQuery",
|
||||
"value": [
|
||||
"ibossUrlEvent\n |where AdditionalExtensions contains \"amaExternalLogService=true\"\n | summarize LastLogReceived = max(TimeGenerated)\n | project IsConnected = LastLogReceived > ago(30d)"
|
||||
"CommonSecurityLog\n | where DeviceVendor =~ 'iboss'\n| summarize LastLogReceived = max(TimeGenerated)\n| project IsConnected = LastLogReceived > ago(30d)"
|
||||
]
|
||||
}
|
||||
],
|
||||
"sampleQueries": [
|
||||
{
|
||||
"description": "Logs Received from the past week",
|
||||
"query": "ibossUrlEvent\n | where TimeGenerated > ago(7d) and AdditionalExtensions contains \"amaExternalLogService=true\""
|
||||
"query": "CommonSecurityLog\n | where DeviceVendor =~ 'iboss' and TimeGenerated > ago(7d) and AdditionalExtensions contains 'amaExternalLogService=true'"
|
||||
}
|
||||
],
|
||||
"availability": {
|
||||
|
|
|
|||
Загрузка…
Ссылка в новой задаче