Azure-Sentinel/Playbooks/Dynamic-Summaries-API-Upsert
Zhipeng Zhao 33bef2fe60 Remove packed content 2022-11-17 15:03:48 -08:00
azuredeploy.json Remove packed content 2022-11-17 15:03:48 -08:00
readme.md Add Dynamic summaries playbook 2022-11-16 17:09:36 -08:00

readme.md

Dynamic-Summaries-API-Upsert

author: Zhipeng Zhao

This playbook shows how to query Log Analytics data and upload the query result to the Sentinel Dynamic Summaries table through the Dynamic Summaries REST API.

Prerequisites

Before deploying the playbook, you will need:

  • An Azure Integration account, created through the Azure portal
  • A KQL query that renders data for the Dynamic Summaries object model

Quick Deployment

Learn more about playbook deployment

Deploy to Azure Deploy to Azure Gov

Post-Deployment

After deployment, the playbook should run automatically. You can check the result in Log Analytics. You may need to grant this Logic App access to the destination subscription as a Contributor.