CiscoSDWANReport

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊

This playbook provides an end-to-end example of sending an email for suspicious activity found in the data.

Logic App Connectors

This playbook uses 3 Logic App connectors / built-in actions:

Connector / Action	Type	Connections	Actions
`azuremonitorlogs`	Managed	1	6
`outlook`	Managed	1	0
`outlook_1`	Managed	0	1

Action parameters (URLs, paths, function IDs)

Action	Method	Endpoint	Other
Chart_for_AMP_Events	post	`/visualizeQueryV2`	—
Chart_for_IPS_Events	post	`/visualizeQueryV2`	—
Table_for_AMP_Events	post	`/visualizeQueryV2`	—
Table_for_Application_Used	post	`/visualizeQueryV2`	—
Table_for_IPS_Events	post	`/visualizeQueryV2`	—
Table_for_Internet_Browsing	post	`/visualizeQueryV2`	—

Action	Method	Endpoint	Other
Send_an_email_(V2)	post	`/v2/Mail`	—

📄 Source: CiscoSDWANReport/readme.md

This playbook provides an end-to-end example of sending an email for suspicious activity found in the data.

To deploy the Playbook, click the Deploy to Azure button. This will launch the ARM Template deployment wizard.
Fill in the required parameters:
- Playbook Name: Enter the playbook name here
- Azure Resource Group: The Azure Resource Group name in which you want to deploy the Logic App.
- Azure Subscription ID: Azure Subscription ID which is present in the subscription tab in Microsoft Sentinel.
- Azure Workspace Name: Microsoft Sentinel Workspace Name of Log Analytics workspace.
- Email: Enter comma-separated email addresses on which reports will be sent.