RecordedFuture-Sandbox_StorageAccount
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊
↑ Back to Content Index
This playbook will trigger on files in a Storage Account and send them to Recorded Future Sandbox. The result will be written as a reply and a Sentinel Incident will be created if the file attachment has a sandbox risk score grater then the configured threshold value.
Logic App Connectors
This playbook uses 3 Logic App connectors / built-in actions:
Action parameters (URLs, paths, function IDs)
| Action |
Method |
Endpoint |
Other |
| Get_Blob_Metadata_(V2) |
get |
/v2/datasets/@{encodeURIComponent(encodeURIComponent('AccountNameFromSettings'))}/files/@{encodeURIComponent(encodeURIComponent('JTJmdGVzdGluZyUyZmNhbGMuZXhl'))} |
— |
| Get_blob_content_(V2) |
get |
/v2/datasets/@{encodeURIComponent(encodeURIComponent('AccountNameFromSettings'))}/files/@{encodeURIComponent(encodeURIComponent('JTJmdGVzdGluZyUyZmNhbGMuZXhl'))}/content |
— |
| Action |
Method |
Endpoint |
Other |
| Add_comment_to_incident_(V3) |
post |
/Incidents/Comment |
— |
| Create_incident |
put |
/Incidents/subscriptions/@{encodeURIComponent('5129b3ff-c0c6-4e86-bd1c-70e5fcd579cf')}/resourceGroups/@{encodeURIComponent('RF')}/workspaces/@{encodeURIComponent('RF-log-analyitics')} |
— |
| Action |
Method |
Endpoint |
Other |
| Get_the_full_report |
get |
/samples/@{encodeURIComponent(body('Get_the_full_summary')?['id'])}/overview.json |
— |
| Submit_file_samples |
post |
/samples/file |
— |
| Get_the_full_summary |
get |
/samples/@{encodeURIComponent(body('Submit_file_samples')?['id'])} |
— |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊
↑ Back to Playbooks · Back to Recorded Future