Orca Security Alerts connector for Microsoft Sentinel
The Orca Security Alerts connector allows you to easily export Alerts logs to Microsoft Sentinel.
This is autogenerated content. For changes, contact the solution provider.
Connector attributes
| Connector attribute | Description |
|---|---|
| Log Analytics table(s) | OrcaAlerts_CL |
| Data collection rules support | Not currently supported |
| Supported by | Orca Security |
Query samples
Fetch all service vulnerabilities on running assets
OrcaAlerts_CL
| where alert_type_s == "service_vulnerability"
| where asset_state_s == "running"
| sort by TimeGenerated
Fetch all alerts with the "remote_code_execution" label
OrcaAlerts_CL
| where split(alert_labels_s, ",") contains("remote_code_execution")
| sort by TimeGenerated
Vendor installation instructions
Follow guidance for integrating Orca Security Alerts logs with Microsoft Sentinel.
Next steps
For more information, go to the related solution in the Azure Marketplace.