Search for Breaches - ShadowByte Aria
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊
This playbook updates the Incident with the brach details if an account has been compromised.
| Attribute | Value |
|---|---|
| Type | Playbook |
| Solution | ShadowByte Aria |
| Source | View on GitHub |
Tables Used
This content item queries data from the following tables:
| Table | Transformations | Ingestion API | Lake-Only |
|---|---|---|---|
ShadowByteAriaForums_CL |
? | ✓ | ? |
Logic App Connectors
This playbook uses 2 Logic App connectors / built-in actions:
| Connector / Action | Type | Connections | Actions |
|---|---|---|---|
azureloganalyticsdatacollector |
Managed | 1 | 1 |
ShadowByteAriaConnector |
Custom | 1 | 1 |
Action parameters (URLs, paths, function IDs)
azureloganalyticsdatacollector (Managed)
| Action | Method | Endpoint | Other |
|---|---|---|---|
| Send_Data | post | /api/logs |
— |
ShadowByteAriaConnector (Custom)
| Action | Method | Endpoint | Other |
|---|---|---|---|
| Breach_Search | get | /v2/breach/search |
— |
Additional Documentation
Author: ShadowByte
This playbook updates the Incident with the brach details if an account has been compromised.
prerequisites
- ShadowByte Aria Custom Connector needs to be deployed and configured prior to the deployment of this playbook under the same resource group.
screenshots:
deploy to Azure
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊