Pure Storage User Deletion

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊

↑ Back to Content Index

This playbook gets triggered when a Microsoft Sentinel Incident created for suspicious user activity and it deletes the respective user from storage array

Attribute	Value
Type	Playbook
Solution	Pure Storage
Source	View on GitHub

Logic App Connectors

This playbook uses 3 Logic App connectors / built-in actions:

Connector / Action	Type	Connections	Actions
`azuresentinel`	Managed	1	2
`keyvault`	Managed	1	1
`http`	Built-in	0	4

Action parameters (URLs, paths, function IDs)

`azuresentinel` (Managed)

Action	Method	Endpoint	Other
Entities_-_Get_Accounts	post	`/entities/account`	—
Entities_-_Get_IPs	post	`/entities/ip`	—

`keyvault` (Managed)

Action	Method	Endpoint	Other
Get_secret	get	`/secrets/@{encodeURIComponent(replace(items('IP_Loop')?['Address'], '.', '-'))}/value`	—

`http` (Built-in)

Action	Method	Endpoint	Other
Fetching_API_version	GET	`https://@{items('IP_Loop')?['Address']}/api/api_version`	—
Retrieving_auth_token	POST	`https://@{items('IP_Loop')?['Address']}/api/@{last(body('Fetching_API_version')?['version'])}/login`	—
Executing_User_Delete_API	DELETE	`https://@{items('IP_Loop')?['Address']}/api/@{last(body('Fetching_API_version')?['version'])}/admins`	—
Logging_Out	POST	`https://@{items('IP_Loop')?['Address']}/api/@{last(body('Fetching_API_version')?['version'])}/logout`	—

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊

↑ Back to Playbooks · Back to Pure Storage

Pure Storage User Deletion

Logic App Connectors

azuresentinel (Managed)

keyvault (Managed)

http (Built-in)

`azuresentinel` (Managed)

`keyvault` (Managed)

`http` (Built-in)