In some cases, maintenance activities generate alerts in Microsoft Sentinel, which distract the SOC team from handling the real problems. This playbook lets you input the time period in which the maintenance is expected and the assets' IP addresses (Excel file can be found). The playbook requires a watchlist that includes all the IP addresses of the assets on which alerts will be handled automatically. This playbook explicitly parses the IoT device entity fields. For more information, see [AD4IoT-AutoCloseI
| Attribute | Value |
|---|---|
| Type | Playbook |
| Solution | IoTOTThreatMonitoringwithDefenderforIoT |
| Source | View on GitHub |
This playbook uses 2 Logic App connectors / built-in actions:
| Connector / Action | Type | Connections | Actions |
|---|---|---|---|
| azuremonitorlogs | Managed | 1 | 1 |
| azuresentinel | Managed | 1 | 1 |

azuremonitorlogs (Managed)

| Action | Method | Endpoint | Other |
|---|---|---|---|
| Run_query_and_list_results | post | /queryData | — |

azuresentinel (Managed)

| Action | Method | Endpoint | Other |
|---|---|---|---|
| Update_incident | put | /Incidents | — |