AZSentinel
PowerShell module for Azure Sentinel
# Summary of the Pull Request Adds missing MITRE tactic to comments and enum, per error received in deployment of rules: `Error: expected tactics.0 to be one of [Collection CommandAndControl...
# Environment Windows build number: Microsoft Windows [Version 10.0.22000.795] PowerShell version 7,2,5 # Steps to reproduce - Enable Sentinel in a subscription - Take [AZSentinel](https://github.com/wortell/AZSentinel)/examples/AlertRules.json] and attempt to import it...
Set-AzSentinel: Unable to enable Sentinel on law-test-sentineldeploy1 with error message: Response status code does not indicate success: 404 (Not Found). # Environment Windows build number: Microsoft Windows [Version 10.0.19042.1586] PowerShell...
# Environment PSVersion 7.2.2 PSEdition Core OS Microsoft Windows 10.0.22000 AzSentinel 0.6.21 ```none Windows build number: [run "ver" at a command prompt] PowerShell version (if applicable):7.2.2 Any other software? ```...
# Summary of the Pull Request This PR adds support for watchlist ## References ... ## PR Checklist **By submitting this pull request, I confirm the following:** *please fill any...
# Summary of the Pull Request There was a small issue in enabling Sentinel on a workspace. Another user also opened an issue for this #192 - The body of...
Hi there, I have used this module before and I didn't encounter any issue in setting a log analytic workspace to Sentinel until recently. Getting error message status code...
Examples make use of non-existent "-path" switch, updated to what actually works. # Summary of the Pull Request ... ## References ... ## PR Checklist **By submitting this pull request,...
# Summary of the new feature/enhancement We sometimes get pipeline errors when deploying rules with `Import-AzSentinelAlertRule` because a transient error has occurred. Most commonly some gateway timeout on Microsoft's side:...
# Summary of the new feature/enhancement Azure Sentinel templates include a new rule kind `ThreatIntelligence`. It would be useful if this could be deployed by AzSentinel. It looks like this:...