380 строки
39 KiB
JSON
380 строки
39 KiB
JSON
[
|
|
{
|
|
"TenantId": "04320225-9274-4d17-a4c0-5e35abd3cb68",
|
|
"SourceSystem": "RestAPI",
|
|
"MG": "",
|
|
"ManagementGroupName": "",
|
|
"TimeGenerated [UTC]": "16/11/2021, 9:07:56.643 pm",
|
|
"Computer": "",
|
|
"RawData": "",
|
|
"inventoryId_g": "",
|
|
"url_s": "",
|
|
"id_s": "yetanotherbad2:storageAccounts_secureTransferRequired",
|
|
"ruleId_s": "storageAccounts_secureTransferRequired",
|
|
"ruleServiceId_s": "storageAccounts",
|
|
"customerId_s": "argos-test-tenant",
|
|
"connectionId_g": "a9f5a81b-d5e1-416d-8a19-521abe499cda",
|
|
"cloud_s": "azure",
|
|
"status_s": "open",
|
|
"exploitable_b": true,
|
|
"name_s": "yetanotherbad2",
|
|
"type_s": "microsoft.storage/storageaccounts",
|
|
"inventoryId_s": ":subscriptions:a9f5a81b-d5e1-416d-8a19-521abe499cda:resourcegroups:argos-dev-rg:providers:microsoft.storage:storageaccounts:yetanotherbad2",
|
|
"ResourceId": "/subscriptions/a9f5a81b-d5e1-416d-8a19-521abe499cda/resourceGroups/argos-dev-rg/providers/Microsoft.Storage/storageAccounts/yetanotherbad2",
|
|
"ResourceGroup": "argos-dev-rg",
|
|
"itsmTickets_s": "[]",
|
|
"auditLog_s": "[\r\n {\r\n \"event\": \"open\",\r\n \"reason\": null,\r\n \"utc\": \"2021-11-16T21:07:56.6439315Z\",\r\n \"userId\": \"ARGOS\"\r\n }\r\n]",
|
|
"metadata_id_s": "yetanotherbad2",
|
|
"Type": "ARGOS_CL",
|
|
"_ResourceId": ""
|
|
},
|
|
{
|
|
"TenantId": "04320225-9274-4d17-a4c0-5e35abd3cb68",
|
|
"SourceSystem": "RestAPI",
|
|
"MG": "",
|
|
"ManagementGroupName": "",
|
|
"TimeGenerated [UTC]": "16/11/2021, 9:16:49.228 pm",
|
|
"Computer": "",
|
|
"RawData": "",
|
|
"inventoryId_g": "",
|
|
"url_s": "",
|
|
"id_s": "yetanotherbad2:storageAccounts_defaultNetworkAccessDenied",
|
|
"ruleId_s": "storageAccounts_defaultNetworkAccessDenied",
|
|
"ruleServiceId_s": "storageAccounts",
|
|
"customerId_s": "argos-test-tenant",
|
|
"connectionId_g": "a9f5a81b-d5e1-416d-8a19-521abe499cda",
|
|
"cloud_s": "azure",
|
|
"status_s": "open",
|
|
"exploitable_b": true,
|
|
"name_s": "yetanotherbad2",
|
|
"type_s": "Microsoft.Storage/storageAccounts",
|
|
"inventoryId_s": ":subscriptions:a9f5a81b-d5e1-416d-8a19-521abe499cda:resourcegroups:argos-dev-rg:providers:microsoft.storage:storageaccounts:yetanotherbad2",
|
|
"ResourceId": "/subscriptions/a9f5a81b-d5e1-416d-8a19-521abe499cda/resourceGroups/argos-dev-rg/providers/Microsoft.Storage/storageAccounts/yetanotherbad2",
|
|
"ResourceGroup": "argos-dev-rg",
|
|
"itsmTickets_s": "[]",
|
|
"auditLog_s": "[\r\n {\r\n \"event\": \"open\",\r\n \"reason\": null,\r\n \"utc\": \"2021-11-16T21:16:49.2284064Z\",\r\n \"userId\": \"ARGOS\"\r\n }\r\n]",
|
|
"metadata_id_s": "",
|
|
"Type": "ARGOS_CL",
|
|
"_ResourceId": ""
|
|
},
|
|
{
|
|
"TenantId": "04320225-9274-4d17-a4c0-5e35abd3cb68",
|
|
"SourceSystem": "RestAPI",
|
|
"MG": "",
|
|
"ManagementGroupName": "",
|
|
"TimeGenerated [UTC]": "21/11/2021, 10:58:45.977 am",
|
|
"Computer": "",
|
|
"RawData": "",
|
|
"inventoryId_g": "",
|
|
"url_s": "https://app.argos-security.io/detections/testscanfunction:appServices_appServicesFunctionsWithoutCert",
|
|
"id_s": "testscanfunction:appServices_appServicesFunctionsWithoutCert",
|
|
"ruleId_s": "appServices_appServicesFunctionsWithoutCert",
|
|
"ruleServiceId_s": "appServices",
|
|
"customerId_s": "argos-test-tenant",
|
|
"connectionId_g": "a9f5a81b-d5e1-416d-8a19-521abe499cda",
|
|
"cloud_s": "azure",
|
|
"status_s": "open",
|
|
"exploitable_b": false,
|
|
"name_s": "testscanfunction",
|
|
"type_s": "microsoft.web/sites",
|
|
"inventoryId_s": ":subscriptions:a9f5a81b-d5e1-416d-8a19-521abe499cda:resourcegroups:argos-dev-rg:providers:microsoft.web:sites:testscanfunction",
|
|
"ResourceId": "/subscriptions/a9f5a81b-d5e1-416d-8a19-521abe499cda/resourceGroups/argos-dev-rg/providers/Microsoft.Web/sites/testscanfunction",
|
|
"ResourceGroup": "argos-dev-rg",
|
|
"itsmTickets_s": "[]",
|
|
"auditLog_s": "[\r\n {\r\n \"event\": \"open\",\r\n \"reason\": null,\r\n \"utc\": \"2021-07-30T03:11:41.9447549Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"close\",\r\n \"reason\": null,\r\n \"utc\": \"2021-08-27T11:37:55.3310094Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"reopen\",\r\n \"reason\": null,\r\n \"utc\": \"2021-08-27T11:42:26.8581673Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"close\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-03T10:28:31.7180973Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"reopen\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-03T10:51:55.2377213Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"close\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-05T00:36:57.3089611Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"reopen\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-05T00:41:38.760647Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"close\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-07T23:58:27.4774176Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"reopen\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-08T00:22:05.9875784Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"close\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-08T07:47:46.7330448Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"reopen\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-08T08:02:19.6935986Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"close\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-09T10:16:10.2765444Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"reopen\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-09T10:37:06.3645285Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"close\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-12T21:03:31.5484191Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"reopen\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-12T21:26:42.5648878Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"close\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-17T09:50:41.2901167Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"reopen\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-17T10:03:45.6890122Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"close\",\r\n \"reason\": null,\r\n \"utc\": \"2021-11-11T09:22:08.5419769Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"reopen\",\r\n \"reason\": null,\r\n \"utc\": \"2021-11-11T09:38:50.3125863Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"close\",\r\n \"reason\": null,\r\n \"utc\": \"2021-11-21T10:48:06.5923113Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"reopen\",\r\n \"reason\": null,\r\n \"utc\": \"2021-11-21T10:58:45.9774568Z\",\r\n \"userId\": \"ARGOS\"\r\n }\r\n]",
|
|
"metadata_id_s": "",
|
|
"Type": "ARGOS_CL",
|
|
"_ResourceId": ""
|
|
},
|
|
{
|
|
"TenantId": "04320225-9274-4d17-a4c0-5e35abd3cb68",
|
|
"SourceSystem": "RestAPI",
|
|
"MG": "",
|
|
"ManagementGroupName": "",
|
|
"TimeGenerated [UTC]": "21/11/2021, 10:58:45.977 am",
|
|
"Computer": "",
|
|
"RawData": "",
|
|
"inventoryId_g": "",
|
|
"url_s": "https://app.argos-security.io/detections/yetanothertestfunction:appServices_appServicesFunctionsWithoutCert",
|
|
"id_s": "yetanothertestfunction:appServices_appServicesFunctionsWithoutCert",
|
|
"ruleId_s": "appServices_appServicesFunctionsWithoutCert",
|
|
"ruleServiceId_s": "appServices",
|
|
"customerId_s": "argos-test-tenant",
|
|
"connectionId_g": "a9f5a81b-d5e1-416d-8a19-521abe499cda",
|
|
"cloud_s": "azure",
|
|
"status_s": "open",
|
|
"exploitable_b": true,
|
|
"name_s": "yetanothertestfunction",
|
|
"type_s": "microsoft.web/sites",
|
|
"inventoryId_s": ":subscriptions:a9f5a81b-d5e1-416d-8a19-521abe499cda:resourcegroups:argos-dev-rg:providers:microsoft.web:sites:yetanothertestfunction",
|
|
"ResourceId": "/subscriptions/a9f5a81b-d5e1-416d-8a19-521abe499cda/resourceGroups/argos-dev-rg/providers/Microsoft.Web/sites/yetanothertestfunction",
|
|
"ResourceGroup": "argos-dev-rg",
|
|
"itsmTickets_s": "[]",
|
|
"auditLog_s": "[\r\n {\r\n \"event\": \"open\",\r\n \"reason\": null,\r\n \"utc\": \"2021-07-30T03:11:41.9447549Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"close\",\r\n \"reason\": null,\r\n \"utc\": \"2021-08-09T23:40:58.6739131Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"reopen\",\r\n \"reason\": null,\r\n \"utc\": \"2021-08-10T00:03:34.1738856Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"close\",\r\n \"reason\": null,\r\n \"utc\": \"2021-08-27T11:37:55.3310104Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"reopen\",\r\n \"reason\": null,\r\n \"utc\": \"2021-08-27T11:42:26.8581673Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"close\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-03T10:28:31.7181009Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"reopen\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-03T10:51:55.2377213Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"close\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-05T00:36:57.3089621Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"reopen\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-05T00:41:38.760647Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"close\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-07T23:58:27.4774303Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"reopen\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-08T00:22:05.9875784Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"close\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-08T07:47:46.7330459Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"reopen\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-08T08:02:19.6935986Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"close\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-09T10:16:10.2765452Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"reopen\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-09T10:37:06.3645285Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"close\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-12T21:03:31.5484199Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"reopen\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-12T21:26:42.5648878Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"close\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-17T09:50:41.2901181Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"reopen\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-17T10:03:45.6890122Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"close\",\r\n \"reason\": null,\r\n \"utc\": \"2021-11-11T09:22:08.541978Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"reopen\",\r\n \"reason\": null,\r\n \"utc\": \"2021-11-11T09:38:50.3125863Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"close\",\r\n \"reason\": null,\r\n \"utc\": \"2021-11-21T10:48:06.5923118Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"reopen\",\r\n \"reason\": null,\r\n \"utc\": \"2021-11-21T10:58:45.9774568Z\",\r\n \"userId\": \"ARGOS\"\r\n }\r\n]",
|
|
"metadata_id_s": "",
|
|
"Type": "ARGOS_CL",
|
|
"_ResourceId": ""
|
|
},
|
|
{
|
|
"TenantId": "04320225-9274-4d17-a4c0-5e35abd3cb68",
|
|
"SourceSystem": "RestAPI",
|
|
"MG": "",
|
|
"ManagementGroupName": "",
|
|
"TimeGenerated [UTC]": "21/11/2021, 10:58:45.977 am",
|
|
"Computer": "",
|
|
"RawData": "",
|
|
"inventoryId_g": "",
|
|
"url_s": "https://app.argos-security.io/detections/testfunctionvnetargos:appServices_appServicesFunctionsWithoutCert",
|
|
"id_s": "testfunctionvnetargos:appServices_appServicesFunctionsWithoutCert",
|
|
"ruleId_s": "appServices_appServicesFunctionsWithoutCert",
|
|
"ruleServiceId_s": "appServices",
|
|
"customerId_s": "argos-test-tenant",
|
|
"connectionId_g": "a9f5a81b-d5e1-416d-8a19-521abe499cda",
|
|
"cloud_s": "azure",
|
|
"status_s": "open",
|
|
"exploitable_b": false,
|
|
"name_s": "testfunctionvnetargos",
|
|
"type_s": "Microsoft.Web/sites",
|
|
"inventoryId_s": ":subscriptions:a9f5a81b-d5e1-416d-8a19-521abe499cda:resourcegroups:functions-vnet-test:providers:microsoft.web:sites:testfunctionvnetargos",
|
|
"ResourceId": ":subscriptions:a9f5a81b-d5e1-416d-8a19-521abe499cda:resourcegroups:functions-vnet-test:providers:microsoft.web:sites:testfunctionvnetargos",
|
|
"ResourceGroup": "functions-vnet-test",
|
|
"itsmTickets_s": "[]",
|
|
"auditLog_s": "[\r\n {\r\n \"event\": \"open\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-14T05:20:08.2845391Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"close\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-17T09:50:41.290121Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"reopen\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-17T10:03:45.6890122Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"close\",\r\n \"reason\": null,\r\n \"utc\": \"2021-11-11T09:22:08.5419783Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"reopen\",\r\n \"reason\": null,\r\n \"utc\": \"2021-11-11T09:38:50.3125863Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"close\",\r\n \"reason\": null,\r\n \"utc\": \"2021-11-21T10:48:06.5923121Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"reopen\",\r\n \"reason\": null,\r\n \"utc\": \"2021-11-21T10:58:45.9774568Z\",\r\n \"userId\": \"ARGOS\"\r\n }\r\n]",
|
|
"metadata_id_s": "",
|
|
"Type": "ARGOS_CL",
|
|
"_ResourceId": ""
|
|
},
|
|
{
|
|
"TenantId": "04320225-9274-4d17-a4c0-5e35abd3cb68",
|
|
"SourceSystem": "RestAPI",
|
|
"MG": "",
|
|
"ManagementGroupName": "",
|
|
"TimeGenerated [UTC]": "21/11/2021, 10:58:46.646 am",
|
|
"Computer": "",
|
|
"RawData": "",
|
|
"inventoryId_g": "",
|
|
"url_s": "https://app.argos-security.io/detections/argostest:appServices_AppServicesPublic",
|
|
"id_s": "argostest:appServices_AppServicesPublic",
|
|
"ruleId_s": "appServices_AppServicesPublic",
|
|
"ruleServiceId_s": "appServices",
|
|
"customerId_s": "argos-test-tenant",
|
|
"connectionId_g": "a9f5a81b-d5e1-416d-8a19-521abe499cda",
|
|
"cloud_s": "azure",
|
|
"status_s": "open",
|
|
"exploitable_b": true,
|
|
"name_s": "argostest",
|
|
"type_s": "Microsoft.Web/sites",
|
|
"inventoryId_s": ":subscriptions:a9f5a81b-d5e1-416d-8a19-521abe499cda:resourcegroups:argos-dev-rg:providers:microsoft.web:sites:argostest",
|
|
"ResourceId": ":subscriptions:a9f5a81b-d5e1-416d-8a19-521abe499cda:resourcegroups:argos-dev-rg:providers:microsoft.web:sites:argostest",
|
|
"ResourceGroup": "argos-dev-rg",
|
|
"itsmTickets_s": "[]",
|
|
"auditLog_s": "[\r\n {\r\n \"event\": \"open\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-14T04:08:09.2283183Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"close\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-17T09:50:42.056033Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"reopen\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-17T10:03:48.5474186Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"close\",\r\n \"reason\": null,\r\n \"utc\": \"2021-11-11T09:22:09.1917281Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"reopen\",\r\n \"reason\": null,\r\n \"utc\": \"2021-11-11T09:38:50.2701212Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"close\",\r\n \"reason\": null,\r\n \"utc\": \"2021-11-21T10:48:04.2414345Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"reopen\",\r\n \"reason\": null,\r\n \"utc\": \"2021-11-21T10:58:46.6468509Z\",\r\n \"userId\": \"ARGOS\"\r\n }\r\n]",
|
|
"metadata_id_s": "",
|
|
"Type": "ARGOS_CL",
|
|
"_ResourceId": ""
|
|
},
|
|
{
|
|
"TenantId": "04320225-9274-4d17-a4c0-5e35abd3cb68",
|
|
"SourceSystem": "RestAPI",
|
|
"MG": "",
|
|
"ManagementGroupName": "",
|
|
"TimeGenerated [UTC]": "21/11/2021, 10:58:46.646 am",
|
|
"Computer": "",
|
|
"RawData": "",
|
|
"inventoryId_g": "",
|
|
"url_s": "https://app.argos-security.io/detections/yetanothertestfunction:appServices_AppServicesPublic",
|
|
"id_s": "yetanothertestfunction:appServices_AppServicesPublic",
|
|
"ruleId_s": "appServices_AppServicesPublic",
|
|
"ruleServiceId_s": "appServices",
|
|
"customerId_s": "argos-test-tenant",
|
|
"connectionId_g": "a9f5a81b-d5e1-416d-8a19-521abe499cda",
|
|
"cloud_s": "azure",
|
|
"status_s": "open",
|
|
"exploitable_b": true,
|
|
"name_s": "yetanothertestfunction",
|
|
"type_s": "microsoft.web/sites",
|
|
"inventoryId_s": ":subscriptions:a9f5a81b-d5e1-416d-8a19-521abe499cda:resourcegroups:argos-dev-rg:providers:microsoft.web:sites:yetanothertestfunction",
|
|
"ResourceId": "/subscriptions/a9f5a81b-d5e1-416d-8a19-521abe499cda/resourceGroups/argos-dev-rg/providers/Microsoft.Web/sites/yetanothertestfunction",
|
|
"ResourceGroup": "argos-dev-rg",
|
|
"itsmTickets_s": "[]",
|
|
"auditLog_s": "[\r\n {\r\n \"event\": \"open\",\r\n \"reason\": null,\r\n \"utc\": \"2021-07-01T05:49:01.1218428Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"close\",\r\n \"reason\": null,\r\n \"utc\": \"2021-08-27T11:37:55.49539Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"reopen\",\r\n \"reason\": null,\r\n \"utc\": \"2021-08-27T11:42:23.5250063Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"close\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-03T10:28:31.983199Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"reopen\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-03T10:51:55.4360811Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"close\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-05T00:36:57.4972446Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"reopen\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-05T00:41:39.5034862Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"close\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-07T23:58:27.5815263Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"reopen\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-08T00:22:05.505388Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"close\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-08T20:19:40.5676618Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"reopen\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-08T20:25:39.6976854Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"close\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-12T21:03:32.2311722Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"reopen\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-12T21:26:51.4681918Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"close\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-17T09:50:42.0560327Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"reopen\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-17T10:03:48.5474186Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"close\",\r\n \"reason\": null,\r\n \"utc\": \"2021-11-11T09:22:09.1917279Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"reopen\",\r\n \"reason\": null,\r\n \"utc\": \"2021-11-11T09:38:50.2701212Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"close\",\r\n \"reason\": null,\r\n \"utc\": \"2021-11-21T10:48:04.2414338Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"reopen\",\r\n \"reason\": null,\r\n \"utc\": \"2021-11-21T10:58:46.6468509Z\",\r\n \"userId\": \"ARGOS\"\r\n }\r\n]",
|
|
"metadata_id_s": "",
|
|
"Type": "ARGOS_CL",
|
|
"_ResourceId": ""
|
|
},
|
|
{
|
|
"TenantId": "04320225-9274-4d17-a4c0-5e35abd3cb68",
|
|
"SourceSystem": "RestAPI",
|
|
"MG": "",
|
|
"ManagementGroupName": "",
|
|
"TimeGenerated [UTC]": "21/11/2021, 10:58:50.869 am",
|
|
"Computer": "",
|
|
"RawData": "",
|
|
"inventoryId_g": "",
|
|
"url_s": "https://app.argos-security.io/detections/argostest:appServices_appServicesFunctionsMinTlsVersionSet",
|
|
"id_s": "argostest:appServices_appServicesFunctionsMinTlsVersionSet",
|
|
"ruleId_s": "appServices_appServicesFunctionsMinTlsVersionSet",
|
|
"ruleServiceId_s": "appServices",
|
|
"customerId_s": "argos-test-tenant",
|
|
"connectionId_g": "a9f5a81b-d5e1-416d-8a19-521abe499cda",
|
|
"cloud_s": "azure",
|
|
"status_s": "open",
|
|
"exploitable_b": true,
|
|
"name_s": "argostest",
|
|
"type_s": "microsoft.web/sites",
|
|
"inventoryId_s": ":subscriptions:a9f5a81b-d5e1-416d-8a19-521abe499cda:resourcegroups:argos-dev-rg:providers:microsoft.web:sites:argostest",
|
|
"ResourceId": "/subscriptions/a9f5a81b-d5e1-416d-8a19-521abe499cda/resourceGroups/argos-dev-rg/providers/Microsoft.Web/sites/argostest",
|
|
"ResourceGroup": "argos-dev-rg",
|
|
"itsmTickets_s": "[]",
|
|
"auditLog_s": "[\r\n {\r\n \"event\": \"open\",\r\n \"reason\": null,\r\n \"utc\": \"2021-06-29T03:33:08.9514987Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"close\",\r\n \"reason\": null,\r\n \"utc\": \"2021-08-29T03:49:06.4604192Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"reopen\",\r\n \"reason\": null,\r\n \"utc\": \"2021-08-29T03:53:29.6839808Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"close\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-07T23:58:04.9259446Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"reopen\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-08T00:21:53.0996134Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"close\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-08T07:47:14.2755092Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"reopen\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-08T08:01:50.5070212Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"close\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-09T10:15:28.9884285Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"reopen\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-09T11:01:31.7443214Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"close\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-12T21:03:02.1948704Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"reopen\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-12T21:30:13.2175526Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"close\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-17T09:50:02.1346832Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"reopen\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-17T10:03:18.2181322Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"close\",\r\n \"reason\": null,\r\n \"utc\": \"2021-11-11T09:21:34.4970121Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"reopen\",\r\n \"reason\": null,\r\n \"utc\": \"2021-11-11T09:42:35.7224634Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"close\",\r\n \"reason\": null,\r\n \"utc\": \"2021-11-21T10:48:05.1345064Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"reopen\",\r\n \"reason\": null,\r\n \"utc\": \"2021-11-21T10:58:50.8696618Z\",\r\n \"userId\": \"ARGOS\"\r\n }\r\n]",
|
|
"metadata_id_s": "",
|
|
"Type": "ARGOS_CL",
|
|
"_ResourceId": ""
|
|
},
|
|
{
|
|
"TenantId": "04320225-9274-4d17-a4c0-5e35abd3cb68",
|
|
"SourceSystem": "RestAPI",
|
|
"MG": "",
|
|
"ManagementGroupName": "",
|
|
"TimeGenerated [UTC]": "21/11/2021, 10:58:50.869 am",
|
|
"Computer": "",
|
|
"RawData": "",
|
|
"inventoryId_g": "",
|
|
"url_s": "https://app.argos-security.io/detections/testscanfunction:appServices_appServicesFunctionsMinTlsVersionSet",
|
|
"id_s": "testscanfunction:appServices_appServicesFunctionsMinTlsVersionSet",
|
|
"ruleId_s": "appServices_appServicesFunctionsMinTlsVersionSet",
|
|
"ruleServiceId_s": "appServices",
|
|
"customerId_s": "argos-test-tenant",
|
|
"connectionId_g": "a9f5a81b-d5e1-416d-8a19-521abe499cda",
|
|
"cloud_s": "azure",
|
|
"status_s": "open",
|
|
"exploitable_b": false,
|
|
"name_s": "testscanfunction",
|
|
"type_s": "microsoft.web/sites",
|
|
"inventoryId_s": ":subscriptions:a9f5a81b-d5e1-416d-8a19-521abe499cda:resourcegroups:argos-dev-rg:providers:microsoft.web:sites:testscanfunction",
|
|
"ResourceId": "/subscriptions/a9f5a81b-d5e1-416d-8a19-521abe499cda/resourceGroups/argos-dev-rg/providers/Microsoft.Web/sites/testscanfunction",
|
|
"ResourceGroup": "argos-dev-rg",
|
|
"itsmTickets_s": "[]",
|
|
"auditLog_s": "[\r\n {\r\n \"event\": \"open\",\r\n \"reason\": null,\r\n \"utc\": \"2021-06-29T03:33:08.9514987Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"close\",\r\n \"reason\": null,\r\n \"utc\": \"2021-08-29T03:49:06.46042Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"reopen\",\r\n \"reason\": null,\r\n \"utc\": \"2021-08-29T03:53:29.6839808Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"close\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-07T23:58:04.9259457Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"reopen\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-08T00:21:53.0996134Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"close\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-08T07:47:14.27551Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"reopen\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-08T08:01:50.5070212Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"close\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-09T10:15:28.9884299Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"reopen\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-09T11:01:31.7443214Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"close\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-12T21:03:02.1948713Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"reopen\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-12T21:30:13.2175526Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"close\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-17T09:50:02.1346849Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"reopen\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-17T10:03:18.2181322Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"close\",\r\n \"reason\": null,\r\n \"utc\": \"2021-11-11T09:21:34.497013Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"reopen\",\r\n \"reason\": null,\r\n \"utc\": \"2021-11-11T09:42:35.7224634Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"close\",\r\n \"reason\": null,\r\n \"utc\": \"2021-11-21T10:48:05.1345074Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"reopen\",\r\n \"reason\": null,\r\n \"utc\": \"2021-11-21T10:58:50.8696618Z\",\r\n \"userId\": \"ARGOS\"\r\n }\r\n]",
|
|
"metadata_id_s": "",
|
|
"Type": "ARGOS_CL",
|
|
"_ResourceId": ""
|
|
},
|
|
{
|
|
"TenantId": "04320225-9274-4d17-a4c0-5e35abd3cb68",
|
|
"SourceSystem": "RestAPI",
|
|
"MG": "",
|
|
"ManagementGroupName": "",
|
|
"TimeGenerated [UTC]": "18/11/2021, 11:37:33.673 pm",
|
|
"Computer": "",
|
|
"RawData": "",
|
|
"inventoryId_g": "",
|
|
"url_s": "https://app.argos-security.io/detections/vdxfvsdfsdfv:storageAccounts_secureTransferRequired",
|
|
"id_s": "vdxfvsdfsdfv:storageAccounts_secureTransferRequired",
|
|
"ruleId_s": "storageAccounts_secureTransferRequired",
|
|
"ruleServiceId_s": "storageAccounts",
|
|
"customerId_s": "argos-test-tenant",
|
|
"connectionId_g": "a9f5a81b-d5e1-416d-8a19-521abe499cda",
|
|
"cloud_s": "azure",
|
|
"status_s": "open",
|
|
"exploitable_b": true,
|
|
"name_s": "vdxfvsdfsdfv",
|
|
"type_s": "microsoft.storage/storageaccounts",
|
|
"inventoryId_s": ":subscriptions:a9f5a81b-d5e1-416d-8a19-521abe499cda:resourcegroups:argos-dev-rg:providers:microsoft.storage:storageaccounts:vdxfvsdfsdfv",
|
|
"ResourceId": "/subscriptions/a9f5a81b-d5e1-416d-8a19-521abe499cda/resourceGroups/argos-dev-rg/providers/Microsoft.Storage/storageAccounts/vdxfvsdfsdfv",
|
|
"ResourceGroup": "argos-dev-rg",
|
|
"itsmTickets_s": "[]",
|
|
"auditLog_s": "[\r\n {\r\n \"event\": \"open\",\r\n \"reason\": null,\r\n \"utc\": \"2021-11-18T23:37:33.6734382Z\",\r\n \"userId\": \"ARGOS\"\r\n }\r\n]",
|
|
"metadata_id_s": "vdxfvsdfsdfv",
|
|
"Type": "ARGOS_CL",
|
|
"_ResourceId": ""
|
|
},
|
|
{
|
|
"TenantId": "04320225-9274-4d17-a4c0-5e35abd3cb68",
|
|
"SourceSystem": "RestAPI",
|
|
"MG": "",
|
|
"ManagementGroupName": "",
|
|
"TimeGenerated [UTC]": "18/11/2021, 11:37:41.440 pm",
|
|
"Computer": "",
|
|
"RawData": "",
|
|
"inventoryId_g": "",
|
|
"url_s": "https://app.argos-security.io/detections/vdxfvsdfsdfv:storageAccounts_defaultNetworkAccessDenied",
|
|
"id_s": "vdxfvsdfsdfv:storageAccounts_defaultNetworkAccessDenied",
|
|
"ruleId_s": "storageAccounts_defaultNetworkAccessDenied",
|
|
"ruleServiceId_s": "storageAccounts",
|
|
"customerId_s": "argos-test-tenant",
|
|
"connectionId_g": "a9f5a81b-d5e1-416d-8a19-521abe499cda",
|
|
"cloud_s": "azure",
|
|
"status_s": "open",
|
|
"exploitable_b": true,
|
|
"name_s": "vdxfvsdfsdfv",
|
|
"type_s": "Microsoft.Storage/storageAccounts",
|
|
"inventoryId_s": ":subscriptions:a9f5a81b-d5e1-416d-8a19-521abe499cda:resourcegroups:argos-dev-rg:providers:microsoft.storage:storageaccounts:vdxfvsdfsdfv",
|
|
"ResourceId": "/subscriptions/a9f5a81b-d5e1-416d-8a19-521abe499cda/resourceGroups/argos-dev-rg/providers/Microsoft.Storage/storageAccounts/vdxfvsdfsdfv",
|
|
"ResourceGroup": "argos-dev-rg",
|
|
"itsmTickets_s": "[]",
|
|
"auditLog_s": "[\r\n {\r\n \"event\": \"open\",\r\n \"reason\": null,\r\n \"utc\": \"2021-11-18T23:37:41.4402951Z\",\r\n \"userId\": \"ARGOS\"\r\n }\r\n]",
|
|
"metadata_id_s": "",
|
|
"Type": "ARGOS_CL",
|
|
"_ResourceId": ""
|
|
},
|
|
{
|
|
"TenantId": "04320225-9274-4d17-a4c0-5e35abd3cb68",
|
|
"SourceSystem": "RestAPI",
|
|
"MG": "",
|
|
"ManagementGroupName": "",
|
|
"TimeGenerated [UTC]": "19/11/2021, 10:57:38.318 pm",
|
|
"Computer": "",
|
|
"RawData": "",
|
|
"inventoryId_g": "a9f5a81b-d5e1-416d-8a19-521abe499cda",
|
|
"url_s": "https://app.argos-security.io/detections/a9f5a81b-d5e1-416d-8a19-521abe499cda:monitoring_activityLogsConnectedToLogAnalytics",
|
|
"id_s": "a9f5a81b-d5e1-416d-8a19-521abe499cda:monitoring_activityLogsConnectedToLogAnalytics",
|
|
"ruleId_s": "monitoring_activityLogsConnectedToLogAnalytics",
|
|
"ruleServiceId_s": "monitoring",
|
|
"customerId_s": "argos-test-tenant",
|
|
"connectionId_g": "a9f5a81b-d5e1-416d-8a19-521abe499cda",
|
|
"cloud_s": "azure",
|
|
"status_s": "open",
|
|
"exploitable_b": "",
|
|
"name_s": "argos-dev",
|
|
"type_s": "Microsoft.Subscription",
|
|
"inventoryId_s": "",
|
|
"ResourceId": "a9f5a81b-d5e1-416d-8a19-521abe499cda",
|
|
"ResourceGroup": "",
|
|
"itsmTickets_s": "[]",
|
|
"auditLog_s": "[\r\n {\r\n \"event\": \"open\",\r\n \"reason\": null,\r\n \"utc\": \"2021-08-01T23:11:52.1643262Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"close\",\r\n \"reason\": null,\r\n \"utc\": \"2021-08-27T11:37:55.2584374Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"reopen\",\r\n \"reason\": null,\r\n \"utc\": \"2021-08-27T11:42:16.6280632Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"close\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-03T10:28:31.7207605Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"reopen\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-03T10:51:47.6782713Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"close\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-05T00:36:57.2645402Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"reopen\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-05T00:41:31.0945852Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"close\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-07T23:58:27.391787Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"reopen\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-08T00:22:00.9912123Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"close\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-08T20:19:39.657845Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"reopen\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-08T20:25:31.706882Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"close\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-10T18:03:59.2790549Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"reopen\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-10T18:27:28.9493416Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"close\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-12T13:37:38.5045343Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"reopen\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-12T13:43:00.923868Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"close\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-12T16:34:49.6727192Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"reopen\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-12T16:39:58.4115057Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"close\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-13T01:10:39.0000367Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"reopen\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-13T01:22:35.7727502Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"close\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-19T21:11:51.3345717Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"reopen\",\r\n \"reason\": null,\r\n \"utc\": \"2021-09-19T21:16:11.5647829Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"close\",\r\n \"reason\": null,\r\n \"utc\": \"2021-10-03T09:36:16.0602775Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"reopen\",\r\n \"reason\": null,\r\n \"utc\": \"2021-10-03T09:40:29.3707095Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"close\",\r\n \"reason\": null,\r\n \"utc\": \"2021-11-07T00:35:35.3813317Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"reopen\",\r\n \"reason\": null,\r\n \"utc\": \"2021-11-07T00:39:55.504419Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"close\",\r\n \"reason\": null,\r\n \"utc\": \"2021-11-19T22:52:19.2600253Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"reopen\",\r\n \"reason\": null,\r\n \"utc\": \"2021-11-19T22:57:38.3182799Z\",\r\n \"userId\": \"ARGOS\"\r\n }\r\n]",
|
|
"metadata_id_s": "",
|
|
"Type": "ARGOS_CL",
|
|
"_ResourceId": ""
|
|
},
|
|
{
|
|
"TenantId": "04320225-9274-4d17-a4c0-5e35abd3cb68",
|
|
"SourceSystem": "RestAPI",
|
|
"MG": "",
|
|
"ManagementGroupName": "",
|
|
"TimeGenerated [UTC]": "19/11/2021, 10:57:14.093 pm",
|
|
"Computer": "",
|
|
"RawData": "",
|
|
"inventoryId_g": "",
|
|
"url_s": "https://app.argos-security.io/detections/omigodahhhhhhhhhh:virtualMachines_endpointProtectionInstalled",
|
|
"id_s": "omigodahhhhhhhhhh:virtualMachines_endpointProtectionInstalled",
|
|
"ruleId_s": "virtualMachines_endpointProtectionInstalled",
|
|
"ruleServiceId_s": "virtualMachines",
|
|
"customerId_s": "argos-test-tenant",
|
|
"connectionId_g": "a9f5a81b-d5e1-416d-8a19-521abe499cda",
|
|
"cloud_s": "azure",
|
|
"status_s": "open",
|
|
"exploitable_b": "",
|
|
"name_s": "omigodahhhhhhhhhh",
|
|
"type_s": "Microsoft.Compute/virtualmachines",
|
|
"inventoryId_s": ":subscriptions:a9f5a81b-d5e1-416d-8a19-521abe499cda:resourcegroups:argos-dev-rg:providers:microsoft.compute:virtualmachines:omigodahhhhhhhhhh",
|
|
"ResourceId": "/subscriptions/a9f5a81b-d5e1-416d-8a19-521abe499cda/resourceGroups/ARGOS-DEV-RG/providers/Microsoft.Compute/virtualMachines/omigodahhhhhhhhhh",
|
|
"ResourceGroup": "ARGOS-DEV-RG",
|
|
"itsmTickets_s": "[]",
|
|
"auditLog_s": "[\r\n {\r\n \"event\": \"open\",\r\n \"reason\": null,\r\n \"utc\": \"2021-11-10T04:30:29.831781Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"close\",\r\n \"reason\": null,\r\n \"utc\": \"2021-11-19T22:51:27.2448624Z\",\r\n \"userId\": \"ARGOS\"\r\n },\r\n {\r\n \"event\": \"reopen\",\r\n \"reason\": null,\r\n \"utc\": \"2021-11-19T22:57:14.0930391Z\",\r\n \"userId\": \"ARGOS\"\r\n }\r\n]",
|
|
"metadata_id_s": "",
|
|
"Type": "ARGOS_CL",
|
|
"_ResourceId": ""
|
|
}
|
|
]
|