Get-AzSentinelThreatIntelligenceIndicatorMetric
Get threat intelligence indicators metrics (Indicators counts by Type, Threat Type, Source).
Syntax
Get-AzSentinelThreatIntelligenceIndicatorMetric
-ResourceGroupName <String>
-WorkspaceName <String>
[-SubscriptionId <String[]>]
[-DefaultProfile <PSObject>]
[<CommonParameters>]
Description
Get threat intelligence indicators metrics (Indicators counts by Type, Threat Type, Source).
Examples
Example 1: Get all metrics for Threat Intelligence Indicators
Get-AzSentinelThreatIntelligenceIndicatorMetric -ResourceGroupName "myResourceGroupName" -workspaceName "myWorkspaceName"
LastUpdatedTimeUtc : 2022-02-07T10:44:45.3919348Z
PatternTypeMetric : {network-traffic, url, ipv4-addr, file}
SourceMetric : {Microsoft Emerging Threat Feed, Bing Safety Phishing URL, Azure Sentinel, CyberCrime…}
ThreatTypeMetric : {botnet, maliciousurl, phishing, malicious-activity…}
This command gets Threat Intelligence Indicator metrics.
Parameters
-DefaultProfile
The DefaultProfile parameter is not functional. Use the SubscriptionId parameter when available if executing the cmdlet against a different subscription.
Type: | PSObject |
Aliases: | AzureRMContext, AzureCredential |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-ResourceGroupName
The name of the resource group. The name is case insensitive.
Type: | String |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-SubscriptionId
The ID of the target subscription.
Type: | String[] |
Position: | Named |
Default value: | (Get-AzContext).Subscription.Id |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-WorkspaceName
The name of the workspace.
Type: | String |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |