Muokkaa

Jaa


Dynatrace Runtime Vulnerabilities connector for Microsoft Sentinel

This connector uses the Dynatrace Security Problem REST API to ingest detected runtime vulnerabilities into Microsoft Sentinel Log Analytics.

This is autogenerated content. For changes, contact the solution provider.

Connector attributes

Connector attribute Description
Log Analytics table(s) {{graphQueriesTableName}}
Data collection rules support Not currently supported
Supported by Dynatrace

Query samples

All Vulnerability Events

DynatraceSecurityProblems

| summarize  arg_max(LastUpdatedTimeStamp, *) by SecurityProblemId

|  take 10

All Third-Party Vulnerability Events

DynatraceSecurityProblems

| where VulnerabilityType == "THIRD_PARTY"

| summarize  arg_max(LastUpdatedTimeStamp, *) by SecurityProblemId

|  take 10

All Code-level Vulnerability Events

DynatraceSecurityProblems

| where VulnerabilityType == "CODE_LEVEL"

| summarize  arg_max(LastUpdatedTimeStamp, *) by SecurityProblemId

|  take 10

All Runtime Vulnerability Events

DynatraceSecurityProblems

| where VulnerabilityType == "RUNTIME"

| summarize  arg_max(LastUpdatedTimeStamp, *) by SecurityProblemId

|  take 10

Critical Vulnerability Events

DynatraceSecurityProblems

| where DAVISRiskLevel == "CRITICAL"

| summarize  arg_max(LastUpdatedTimeStamp, *) by SecurityProblemId

| take 10

High Vulnerability Events

DynatraceSecurityProblems

| where DAVISRiskLevel == "HIGH"

| summarize  arg_max(LastUpdatedTimeStamp, *) by SecurityProblemId

| take 10

Count Vulnerability Events by Technology and Vulnerability

DynatraceSecurityProblems

| summarize  arg_max(LastUpdatedTimeStamp, *) by SecurityProblemId

| summarize count() by Technology, ExternalVulnerabilityId

| take 10

Prerequisites

To integrate with Dynatrace Runtime Vulnerabilities make sure you have:

  • Dynatrace tenant (ex. xyz.dynatrace.com): You need a valid Dynatrace tenant with Application Security enabled, learn more about the Dynatrace platform.
  • Dynatrace Access Token: You need a Dynatrace Access Token, the token should have Read security problems (securityProblems.read) scope.

Vendor installation instructions

Dynatrace Vulnerabilities Events to Microsoft Sentinel

Configure and Enable Dynatrace Application Security. Follow these instructions to generate an access token.

Next steps

For more information, go to the related solution in the Azure Marketplace.