Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
Leverages the Infoblox SOC Insights API to enrich a Microsoft Sentinel Incident triggered by an Infoblox SOC Insight & ingest Insight details into custom InfobloxInsight tables. The tables are used to build the Infoblox SOC Insights Workbook. This playbook can be configured to run automatically when an incident occurs (recommended) or run on demand.
| Attribute | Value |
|---|---|
| Type | Playbook |
| Solution | Infoblox SOC Insights |
| Source | View on GitHub |
This content item queries data from the following tables:
| Table | Transformations | Ingestion API | Lake-Only |
|---|---|---|---|
InfobloxInsightAssets_CL 🔶 |
? | ✓ | ? |
InfobloxInsightComments_CL 🔶 |
? | ✓ | ? |
InfobloxInsightEvents_CL 🔶 |
? | ✓ | ? |
InfobloxInsightIndicators_CL 🔶 |
? | ✓ | ? |
InfobloxInsight_CL 🔶 |
? | ✓ | ? |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊