Azure
/
Azure-Sentinel
зеркало из
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
Azure-Sentinel/ASIM
История
Heikki Salo 71f13168a9
ASimTester: Relax NetworkSession/EventSeverity to Recommended 
In current ASIM common fields and NetworkSession schemas
EventSeverity is listed as a Recommended field.

Change its class from Mandatory to Recommended.

https://learn.microsoft.com/en-us/azure/sentinel/normalization-common-fields
https://learn.microsoft.com/en-us/azure/sentinel/normalization-schema-network
 		2023-05-02 08:16:30 -07:00
..
deploy Update README.md 2023-04-17 14:12:23 +03:00
dev ASimTester: Relax NetworkSession/EventSeverity to Recommended 2023-05-02 08:16:30 -07:00
lib Version update 2023-05-01 17:11:45 +03:00
schemas
ASimFullDeployment.json asim/workspace-region-deploy 2023-04-18 14:12:09 +03:00
README.md

README.md

Deploy ASIM

This template deploys all ASIM parsers. The Advanced Security Information Model (ASIM) enables you to use and create source-agnostic content, simplifying your analysis of the data in your Microsoft Sentinel workspace.

For more information, see Normalization and the Advanced Security Information Model (ASIM)


Deploy to Azure

Deploy to Azure Gov


To deploy a single schema use the buttons below:

ASim Schema Deploy Deploy to Azure Gov
Audit Event Deploy to Azure Deploy to Azure Gov
Authentication Deploy to Azure Deploy to Azure Gov
Dns Deploy to Azure Deploy to Azure Gov
File Event Deploy to Azure Deploy to Azure Gov
Network Session Deploy to Azure Deploy to Azure Gov
Web Session Deploy to Azure Deploy to Azure Gov
Process Event Deploy to Azure Deploy to Azure Gov
Registry Deploy to Azure Deploy to Azure Gov