
Entities Mapping

Open jaroslavkozak opened this issue 3 years ago • 5 comments

Will it be possible to assign entities using a script and/or function?

Will it be possible to export the settings for future replication?

jaroslavkozak avatar Jun 08 '21 13:06 jaroslavkozak

I'm also in big need of this. Mandatory for using this in CI/CD.

gabrielnecula avatar Jun 08 '21 13:06 gabrielnecula

Yes, it could be good if that feature is added in the next update. Entity Mapping and the new Alert details enrichment.

alvaro354 avatar Jul 01 '21 09:07 alvaro354

Any update on this please? As part of our threat hunting we need Entities mapped to alerts. At the moment the azsentinel module doesn't import entities.

sandeep5234 avatar Jan 22 '23 05:01 sandeep5234

@pkhabazi I am thinking of writing my own PowerShell function that will use the Azure Sentinel Analytical rules creation API. Could you please let me know if the entities deployment feature will be added soon? If yes, then I won't spend time writing my own code. Thank you.

sandeep5234 avatar Jan 30 '23 22:01 sandeep5234

Any update? Entity mappings are an important part of an Analytics rule. Thank you for your efforts!

pavelmirlenko avatar Oct 20 '23 06:10 pavelmirlenko