ReversingLabs-CheckQuota
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊
This playbook will check your ReversingLabs TitaniumCloud API quota and provide usage details. To be used in conjunction with the ReversingLabs-CapabilitiesOverview workbook.
| Attribute | Value |
|---|---|
| Type | Playbook |
| Solution | ReversingLabs |
| Source | View on GitHub |
Tables Used
This content item queries data from the following tables:
| Table | Transformations | Ingestion API | Lake-Only |
|---|---|---|---|
RLTiCloudQuotas_CL |
? | ✓ | ? |
Logic App Connectors
This playbook uses 3 Logic App connectors / built-in actions:
| Connector / Action | Type | Connections | Actions |
|---|---|---|---|
azureloganalyticsdatacollector |
Managed | 1 | 7 |
keyvault |
Managed | 1 | 1 |
http |
Built-in | 0 | 6 |
Action parameters (URLs, paths, function IDs)
azureloganalyticsdatacollector (Managed)
| Action | Method | Endpoint | Other |
|---|---|---|---|
| Send_Data_4 | post | /api/logs |
— |
| Send_Data_5 | post | /api/logs |
— |
| Send_Data | post | /api/logs |
— |
| Send_Data_3 | post | /api/logs |
— |
| Send_Data_2 | post | /api/logs |
— |
| Send_Data_user_usage | post | /api/logs |
— |
| Send_Data_user_monthly_usage | post | /api/logs |
— |
keyvault (Managed)
| Action | Method | Endpoint | Other |
|---|---|---|---|
| Get_secret | get | /secrets/@{encodeURIComponent('ticloudpw')}/value |
— |
http (Built-in)
| Action | Method | Endpoint | Other |
|---|---|---|---|
| HTTP_-_GET_Company_Quota_Limits | GET | https://data.reversinglabs.com/api/customer_usage/v1/limits/company |
— |
| HTTP_-_GET_company_daily_usage | GET | https://data.reversinglabs.com/api/customer_usage/v1/usage/company/daily |
— |
| HTTP_-_GET_company_monthly_usage | GET | https://data.reversinglabs.com/api/customer_usage/v1/usage/company/monthly |
— |
| HTTP_-_GET_test_connection | GET | https://data.reversinglabs.com/api/customer_usage/v1/usage/daily |
— |
| HTTP_-_GET_user_daily_usage | GET | https://data.reversinglabs.com/api/customer_usage/v1/usage/daily |
— |
| HTTP_-_GET_user_monthly_usage | GET | https://data.reversinglabs.com/api/customer_usage/v1/usage/monthly |
— |
Additional Documentation
📄 Source: ReversingLabs-CheckQuota/readme.md
Author: Aaron Hoffmann (ReversingLabs)
Summary
This playbook provides API quota details from the ReversingLabs TitaniumCloud API. This playbook is designed to be used with the ReversingLabs-CapabilitiesOverview workbook as part of the ReversingLabs content pack solution for Microsoft Sentinel.
Prerequisites
You'll need the following:
- A ReversingLabs TitaniumCloud subscription
- A ReversingLabs TitaniumCloud username
- A ReversingLabs TitaniumCloud password
Deployment instructions
- Deploy the playbook by clicking on "Deploy to Azure" button. This will take you to deploying an ARM Template wizard.
Post-deployment
a. Authorize connections (Perform this action if needed) Once deployment is complete, you will need to authorize each connection.
- Click the Microsoft Sentinel connection resource
- Click edit API connection
- Click Authorize
- Sign in
- Click Save
Additional resources
This template deploys an Azure Key Vault in order to store credentials used by the playbook. The template will also enable a managed identity for the playbook, and assign the managed identity the Key Vault Secrets User role scoped to the deployed Key Vault.
Screenshots
References
- ReversingLabs content pack installation guide
- Video - How to install and configure the ReversingLabs content pack
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊