42 строки
1.4 KiB
JSON
42 строки
1.4 KiB
JSON
{
|
|
"version": "Notebook/1.0",
|
|
"items": [
|
|
{
|
|
"type": 1,
|
|
"content": {
|
|
"json": "## Citrix WAF (Web App Firewall) Workbook\n---\n\nGain insight into the Citrix WAF logs."
|
|
},
|
|
"name": "text - 2"
|
|
},
|
|
{
|
|
"type": 3,
|
|
"content": {
|
|
"version": "KqlItem/1.0",
|
|
"query": "union withsource=TableName CommonSecurityLog\n| where DeviceVendor == \"Citrix\"\n| where DeviceProduct == \"NetScaler\"\n| summarize Count=count() by Activity",
|
|
"size": 1,
|
|
"queryType": 0,
|
|
"resourceType": "microsoft.operationalinsights/workspaces",
|
|
"visualization": "barchart"
|
|
},
|
|
"name": "Distribution of Vulnerabilities detected"
|
|
},
|
|
{
|
|
"type": 3,
|
|
"content": {
|
|
"version": "KqlItem/1.0",
|
|
"query": "union withsource=TableName CommonSecurityLog\n| where DeviceVendor == \"Citrix\"\n| where DeviceProduct == \"NetScaler\"\n| summarize Count=count() by DeviceAction",
|
|
"size": 1,
|
|
"queryType": 0,
|
|
"resourceType": "microsoft.operationalinsights/workspaces",
|
|
"visualization": "table"
|
|
},
|
|
"name": "Distribution of Action taken by Citrix WAF based on configuration"
|
|
}
|
|
],
|
|
"fallbackResourceIds": [
|
|
""
|
|
],
|
|
"styleSettings": {},
|
|
"fromTemplateId": "sentinel-Citrix_WAF",
|
|
"$schema": "https://github.com/Microsoft/Application-Insights-Workbooks/blob/master/schema/workbook.json"
|
|
} |