Pure Storage Solution for Microsoft Sentinel
Solution: Pure Storage
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
| Attribute | Value |
|---|---|
| Publisher | purestoragemarketplaceadmin |
| Support Tier | Partner |
| Support Link | https://support.purestorage.com |
| Categories | domains |
| Version | 3.0.1 |
| Author | Pure Storage - support@purestorage.com |
| First Published | 2024-02-05 |
| Solution Folder | Pure Storage |
| Marketplace | Azure Marketplace · Popularity: 🔵 Medium (68%) |
Solution for Microsoft Sentinel to ingest logs from PureStorage arrays
Contents
Data Connectors
This solution does not include data connectors.
This solution may contain other components such as analytics rules, workbooks, hunting queries, or playbooks.
Tables Used
This solution queries 1 table(s) from its content items:
| Table | Used By Content |
|---|---|
Syslog |
Analytics |
Content Items
This solution includes 9 content item(s):
| Content Type | Count |
|---|---|
| Playbooks | 4 |
| Analytic Rules | 3 |
| Parsers | 2 |
Analytic Rules
| Name | Severity | Tactics | Tables Used |
|---|---|---|---|
| External Fabric Module XFM1 is unhealthy | High | Execution | Syslog |
| Pure Controller Failed | High | Execution | Syslog |
| Pure Failed Login | High | CredentialAccess | Syslog |
Playbooks
| Name | Description | Tables Used |
|---|---|---|
| Pure Storage FlashBlade File System Snapshot | This playbook gets triggered when a Microsoft Sentinel Incident created for suspicious activity and ... | - |
| Pure Storage Protection Group Snapshot | This playbook gets triggered when a Microsoft Sentinel Incident created for suspicious activity and ... | - |
| Pure Storage User Deletion | This playbook gets triggered when a Microsoft Sentinel Incident created for suspicious user activity... | - |
| Pure Storage Volume Snapshot | This playbook gets triggered when a Microsoft Sentinel Incident created for suspicious activity and ... | - |
Parsers
| Name | Description | Tables Used |
|---|---|---|
| PureStorageFlashArrayParser | - | - |
| PureStorageFlashBladeParser | - | - |
Release Notes
| Version | Date Modified (DD-MM-YYYY) | Change History |
|---|---|---|
| 3.0.3 | 05-11-2024 | Added new Analytic Rule a Playbook and a Parser |
| 3.0.2 | 09-05-2024 | Repackaged for Parser issue fix on reinstall |
| 3.0.1 | 03-05-2024 | Repackaged for Parser issue fix on reinstall Added 2 new Analytic Rules and 3 new Playbooks |
| 3.0.0 | 05-02-2024 | Initial Solution Release - Parser Only |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊