VMRay URL Analyis

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊

Back to Content Index

Submits a url or set of urls associated with an incident to VMRay for Analyis.

Attribute Value
Type Playbook
Solution VMRay
Source View on GitHub

Logic App Connectors

This playbook uses 3 Logic App connectors / built-in actions:

Connector / Action Type Connections Actions
azuresentinel Managed 1 4
azuresentinel-1 Managed 0 1
function Built-in 0 5
Action parameters (URLs, paths, function IDs)

azuresentinel (Managed)

Action Method Endpoint Other
Entities_-_Get_URLs post /entities/url
Add_comment_to_incident_(V3) post /Incidents/Comment
Threat_Intelligence_-Upload_Indicators_of_Compromise(V2)_(Preview) post /V2/ThreatIntelligence/@{encodeURIComponent(triggerBody()?['workspaceId'])}/UploadIndicators/
Add_comment_to_incident_(V3)_1 post /Incidents/Comment

azuresentinel-1 (Managed)

Action Method Endpoint Other
Add_Comment_to_incident post /Incidents/Comment

function (Built-in)

Action Method Endpoint Other
UplaodURL functionId=[concat('/subscriptions/', subscription().subscriptionId, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/sites/', variables('Functionappname'), '/functions/UplaodURL')]
GetVMRaySubmission functionId=[concat('/subscriptions/', subscription().subscriptionId, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/sites/', variables('Functionappname'), '/functions/GetVMRaySubmission')]
GetVMRaySample functionId=[concat('/subscriptions/', subscription().subscriptionId, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/sites/', variables('Functionappname'), '/functions/GetVMRaySample')]
GetVMRayIOCs functionId=[concat('/subscriptions/', subscription().subscriptionId, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/sites/', variables('Functionappname'), '/functions/GetVMRayIOCs')]
vmrayenrichcox-GetVMRayVTIs functionId=[concat('/subscriptions/', subscription().subscriptionId, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/sites/', variables('Functionappname'), '/functions/GetVMRayVTIs')]

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊

Back to Playbooks · Back to VMRay