These playbooks automate the ingestion of threat indicators into the ThreatIntelligenceIndicator table of a Microsoft Sentinel workspace. Sample Log4j IOC data can be found at https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Sample%20Data/Feeds/Log4j_IOC_List.csv.
| Attribute | Value |
|---|---|
| Type | Playbook |
| Solution | Apache Log4j Vulnerability Detection |
| Source | View on GitHub |
This playbook uses 2 Logic App connectors / built-in actions:
| Connector / Action | Type | Connections | Actions |
|---|---|---|---|
| azuremonitorlogs | Managed | 1 | 1 |
| azuresentinel | Managed | 1 | 1 |

azuremonitorlogs (Managed)

| Action | Method | Endpoint | Other |
|---|---|---|---|
| Run_query_and_list_results_V2 | post | /queryDataV2 | — |

azuresentinel (Managed)

| Action | Method | Endpoint | Other |
|---|---|---|---|
| Threat_Intelligence_-Upload_STIX_Objects(Preview) | post | [concat('/V2/ThreatIntelligence/', reference(resourceId('Microsoft.OperationalInsights/workspaces', parameters('LogAnalyticsWorkspaceName')), '2025-02-01').customerId, '/UploadIndicators/')] | — |