Threat Intelligence Indicator Metrics - List
Get threat intelligence indicators metrics (Indicators counts by Type, Threat Type, Source).
GET https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/threatIntelligence/main/metrics?api-version=2024-03-01
URI Parameters
Name | In | Required | Type | Description |
---|---|---|---|---|
resource
|
path | True |
string |
The name of the resource group. The name is case insensitive. |
subscription
|
path | True |
string |
The ID of the target subscription. |
workspace
|
path | True |
string |
The name of the workspace. Regex pattern: |
api-version
|
query | True |
string |
The API version to use for this operation. |
Responses
Name | Type | Description |
---|---|---|
200 OK |
OK |
|
Other Status Codes |
Error response describing why the operation failed to get metrics. |
Security
azure_auth
Azure Active Directory OAuth2 Flow
Type:
oauth2
Flow:
implicit
Authorization URL:
https://login.microsoftonline.com/common/oauth2/authorize
Scopes
Name | Description |
---|---|
user_impersonation | impersonate your user account |
Examples
Get threat intelligence indicators metrics.
Sample Request
GET https://management.azure.com/subscriptions/bd794837-4d29-4647-9105-6339bfdb4e6a/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/threatIntelligence/main/metrics?api-version=2024-03-01
Sample Response
{
"value": [
{
"properties": {
"lastUpdatedTimeUtc": "2020-09-01T19:44:44.117403Z",
"threatTypeMetrics": [
{
"metricName": "compromised",
"metricValue": 20
}
],
"patternTypeMetrics": [
{
"metricName": "url",
"metricValue": 20
}
],
"sourceMetrics": [
{
"metricName": "Azure Sentinel",
"metricValue": 10315
},
{
"metricName": "zinga",
"metricValue": 2
}
]
}
}
]
}
Definitions
Name | Description |
---|---|
Cloud |
Error response structure. |
Cloud |
Error details. |
Threat |
Describes threat intelligence metric |
Threat |
Describes threat intelligence metric entity |
Threat |
Threat intelligence metrics. |
Threat |
List of all the threat intelligence metric fields (type/threat type/source). |
CloudError
Error response structure.
Name | Type | Description |
---|---|---|
error |
Error data |
CloudErrorBody
Error details.
Name | Type | Description |
---|---|---|
code |
string |
An identifier for the error. Codes are invariant and are intended to be consumed programmatically. |
message |
string |
A message describing the error, intended to be suitable for display in a user interface. |
ThreatIntelligenceMetric
Describes threat intelligence metric
Name | Type | Description |
---|---|---|
lastUpdatedTimeUtc |
string |
Last updated indicator metric |
patternTypeMetrics |
Pattern type metrics |
|
sourceMetrics |
Source metrics |
|
threatTypeMetrics |
Threat type metrics |
ThreatIntelligenceMetricEntity
Describes threat intelligence metric entity
Name | Type | Description |
---|---|---|
metricName |
string |
Metric name |
metricValue |
integer |
Metric value |
ThreatIntelligenceMetrics
Threat intelligence metrics.
Name | Type | Description |
---|---|---|
properties |
Threat intelligence metrics. |
ThreatIntelligenceMetricsList
List of all the threat intelligence metric fields (type/threat type/source).
Name | Type | Description |
---|---|---|
value |
Array of threat intelligence metric fields (type/threat type/source). |