This playbook polls Vaikora for AI agent behavioral signals (high or critical severity actions and anomaly detections) and pushes them as threat intelligence IOCs to SentinelOne for detection and response.
| Attribute | Value |
|---|---|
| Type | Playbook |
| Solution | Vaikora-SentinelOne-ThreatIntelligence |
| Source | View on GitHub |

This playbook uses 1 Logic App connector / built-in action:

| Connector / Action | Type | Connections | Actions |
|---|---|---|---|
| http | Built-in | 0 | 4 |

http (Built-in)

| Action | Method | Endpoint | Other |
|---|---|---|---|
| Get_Vaikora_Actions | GET | @{concat(parameters('Vaikora_ApiBaseUrl'), '/actions?agent_id=', encodeUriComponent(parameters('VaikoraAgentId')), '&per_page=100')} | — |
| List_STAR_Rules | GET | @{parameters('SentinelOne_BaseUrl')}/web/api/v2.1/cloud-detection/rules?accountIds=@{parameters('SentinelOne_AccountId')} | — |
| Create_STAR_Rule | POST | @{parameters('SentinelOne_BaseUrl')}/web/api/v2.1/cloud-detection/rules | — |
| Post_IOC_to_SentinelOne | POST | @{parameters('SentinelOne_BaseUrl')}/web/api/v2.1/threat-intelligence/iocs | — |