Update-AzSentinelSetting
Syntax
UpdateExpandedAnomaliesEyesOnEntityAnalytics (Default)
Update-AzSentinelSetting
-ResourceGroupName <String>
-WorkspaceName <String>
-SettingsName <String>
-Enabled <Boolean>
[-SubscriptionId <String>]
[-DefaultProfile <PSObject>]
[-AsJob]
[-NoWait]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
UpdateExpandedUeba
Update-AzSentinelSetting
-ResourceGroupName <String>
-WorkspaceName <String>
-SettingsName <String>
-DataSource <UebaDataSources[]>
[-SubscriptionId <String>]
[-DefaultProfile <PSObject>]
[-AsJob]
[-NoWait]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
UpdateViaIdentityExpandedAnomaliesEyesOnEntityAnalytics
Update-AzSentinelSetting
-InputObject <ISecurityInsightsIdentity>
-Enabled <Boolean>
[-DefaultProfile <PSObject>]
[-AsJob]
[-NoWait]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
UpdateViaIdentityExpandedUeba
Update-AzSentinelSetting
-InputObject <ISecurityInsightsIdentity>
-DataSource <UebaDataSources[]>
[-DefaultProfile <PSObject>]
[-AsJob]
[-NoWait]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
Description
Examples
Example 1: Update the Anomalies setting
Update-AzSentinelSetting -ResourceGroupName "myResourceGroupName" -WorkspaceName "myWorkspaceName" -SettingsName "Anomalies" -Enabled $true
This command updates the Anomalies setting, other settings are: EyesOn, EntityAnalytics and Ueba
Parameters
-AsJob
Run the command as a job
Parameter properties
Type: SwitchParameter
Default value: None Supports wildcards: False DontShow: False
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-Confirm
Prompts you for confirmation before running the cmdlet.
Parameter properties
Type: SwitchParameter
Default value: None Supports wildcards: False DontShow: False Aliases: cf
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-DataSource
Updates setting.
Parameter properties
Type: UebaDataSources [ ]
Default value: None Supports wildcards: False DontShow: False
Parameter sets
UpdateExpandedUeba
Position: Named Mandatory: True Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
UpdateViaIdentityExpandedUeba
Position: Named Mandatory: True Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-DefaultProfile
The credentials, account, tenant, and subscription used for communication with Azure.
Parameter properties
Type: PSObject
Default value: None Supports wildcards: False DontShow: False Aliases: AzureRMContext, AzureCredential
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-Enabled
Anomalies
Parameter properties
Type: Boolean
Default value: None Supports wildcards: False DontShow: False
Parameter sets
UpdateExpandedAnomaliesEyesOnEntityAnalytics
Position: Named Mandatory: True Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
UpdateViaIdentityExpandedAnomaliesEyesOnEntityAnalytics
Position: Named Mandatory: True Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
Identity Parameter
To construct, see NOTES section for INPUTOBJECT properties and create a hash table.
UpdateViaIdentityExpandedAnomaliesEyesOnEntityAnalytics
Position: Named Mandatory: True Value from pipeline: True Value from pipeline by property name: False Value from remaining arguments: False
UpdateViaIdentityExpandedUeba
Position: Named Mandatory: True Value from pipeline: True Value from pipeline by property name: False Value from remaining arguments: False
-NoWait
Run the command asynchronously
Parameter properties
Type: SwitchParameter
Default value: None Supports wildcards: False DontShow: False
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-ResourceGroupName
The Resource Group Name.
Parameter properties
Type: String
Default value: None Supports wildcards: False DontShow: False
Parameter sets
UpdateExpandedAnomaliesEyesOnEntityAnalytics
Position: Named Mandatory: True Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
UpdateExpandedUeba
Position: Named Mandatory: True Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-SettingsName
The setting Name
Parameter properties
Type: String
Default value: None Supports wildcards: False DontShow: False
Parameter sets
UpdateExpandedAnomaliesEyesOnEntityAnalytics
Position: Named Mandatory: True Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
UpdateExpandedUeba
Position: Named Mandatory: True Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-SubscriptionId
Gets subscription credentials which uniquely identify Microsoft Azure subscription.
The subscription ID forms part of the URI for every service call.
Parameter properties
Type: String
Default value: (Get-AzContext).Subscription.Id Supports wildcards: False DontShow: False
Parameter sets
UpdateExpandedAnomaliesEyesOnEntityAnalytics
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
UpdateExpandedUeba
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-WhatIf
Shows what would happen if the cmdlet runs.
The cmdlet is not run.
Parameter properties
Type: SwitchParameter
Default value: None Supports wildcards: False DontShow: False Aliases: wi
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-WorkspaceName
[Alias('DataConnectionName')]
The name of the workspace.
Parameter properties
Type: String
Default value: None Supports wildcards: False DontShow: False
Parameter sets
UpdateExpandedAnomaliesEyesOnEntityAnalytics
Position: Named Mandatory: True Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
UpdateExpandedUeba
Position: Named Mandatory: True Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable,
-InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable,
-ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see
about_CommonParameters .
Outputs