SlashNext Security Events for Microsoft Sentinel - Get customer incidents and log
The playbook runs every 3 minutes to get the list of events that occurred for a customer in that time and logs them in the Log Analytics workspace.
Tables Used
This content item queries data from the following tables:
| Table | Transformations | Ingestion API | Lake-Only |
|---|---|---|---|
| SlashNext_CL | ? | ✓ | ? |
Logic App Connectors
This playbook uses 4 Logic App connectors / built-in actions:
Action parameters (URLs, paths, function IDs)
| Action | Method | Endpoint | Other |
|---|---|---|---|
| create_file | post | /v2/datasets/@{encodeURIComponent(encodeURIComponent('AccountNameFromSettings'))}/files | — |
| Get_content | get | [replace(variables('storage_path'),'slashnextstorage',parameters('Storage Account Name'))] | — |

| Action | Method | Endpoint | Other |
|---|---|---|---|
| Send_Email_Text_Threat_Data | post | /api/logs | — |
| Send_Email_Threat_Data_ | post | /api/logs | — |
| Send_Threat_Data | post | /api/logs | — |

| Action | Method | Endpoint | Other |
|---|---|---|---|
| Events_details | post | /api/integration/v4/incidents/detail | — |
| incident_list_response | post | /api/integration/v4/incidents/list | — |