Data Connectors - Get

Mendapatkan konektor data.

GET https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/dataConnectors/{dataConnectorId}?api-version=2022-07-01-preview

Parameter URI

Name In Required Type Description
dataConnectorId
path True
  • string

ID Konektor

resourceGroupName
path True
  • string

Nama grup sumber daya. Nama tidak peka huruf besar/kecil.

subscriptionId
path True
  • string

ID langganan target.

workspaceName
path True
  • string

Nama ruang kerja.

api-version
query True
  • string

Versi API yang digunakan untuk operasi ini.

Respons

Name Type Description
200 OK DataConnector:

OK, Operasi berhasil diselesaikan

Other Status Codes

Respons kesalahan yang menjelaskan mengapa operasi gagal.

Keamanan

azure_auth

Alur OAuth2 Azure Active Directory

Type: oauth2
Flow: implicit
Authorization URL: https://login.microsoftonline.com/common/oauth2/authorize

Scopes

Name Description
user_impersonation meniru akun pengguna Anda

Contoh

Get a APIPolling data connector
Get a ASC data connector
Get a Dynamics365 data connector
Get a GenericUI data connector
Get a IoT data connector
Get a MCAS data connector
Get a MDATP data connector
Get a MicrosoftThreatIntelligence data connector
Get a MicrosoftThreatProtection data connector
Get a TI data connector
Get a TI Taxii data connector.
Get an AAD data connector
Get an AATP data connector
Get an Aws S3 data connector
Get an AwsCloudTrail data connector
Get an Office ATP data connector
Get an Office IRM data connector
Get an Office365 data connector.
Get an Office365 PowerBI data connector
Get an Office365 Project data connector

Get a APIPolling data connector

Sample Request

GET https://management.azure.com/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/316ec55e-7138-4d63-ab18-90c8a60fd1c8?api-version=2022-07-01-preview

Sample Response

{
  "id": "/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/316ec55e-7138-4d63-ab18-90c8a60fd1c8",
  "name": "316ec55e-7138-4d63-ab18-90c8a60fd1c8",
  "etag": "\"1a00b074-0000-0100-0000-606ef5bd0000\"",
  "type": "Microsoft.SecurityInsights/dataConnectors",
  "kind": "APIPolling",
  "properties": {
    "connectorUiConfig": {
      "title": "GitHub Enterprise Audit Log",
      "publisher": "GitHub",
      "descriptionMarkdown": "The GitHub audit log connector provides the capability to ingest GitHub logs into Azure Sentinel. By connecting GitHub audit logs into Azure Sentinel, you can view this data in workbooks, use it to create custom alerts, and improve your investigation process.",
      "customImage": "The image connector content",
      "graphQueriesTableName": "GitHubAuditLogPolling_CL",
      "graphQueries": [
        {
          "metricName": "Total events received",
          "legend": "GitHub audit log events",
          "baseQuery": "{{graphQueriesTableName}}"
        }
      ],
      "sampleQueries": [
        {
          "description": "All logs",
          "query": "{{graphQueriesTableName}}\n | take 10 <change>"
        }
      ],
      "dataTypes": [
        {
          "name": "{{graphQueriesTableName}}",
          "lastDataReceivedQuery": "{{graphQueriesTableName}}\n            | summarize Time = max(TimeGenerated)\n            | where isnotempty(Time)"
        }
      ],
      "connectivityCriteria": [
        {
          "type": "SentinelKindsV2",
          "value": []
        }
      ],
      "availability": {
        "status": 1,
        "isPreview": true
      },
      "permissions": {
        "resourceProvider": [
          {
            "provider": "Microsoft.OperationalInsights/workspaces",
            "permissionsDisplayText": "read and write permissions are required.",
            "providerDisplayName": "Workspace",
            "scope": "Workspace",
            "requiredPermissions": {
              "write": true,
              "read": true,
              "delete": true
            }
          }
        ],
        "customs": [
          {
            "name": "GitHub API personal token Key",
            "description": "You need access to GitHub personal token, the key should have 'admin:org' scope"
          }
        ]
      },
      "instructionSteps": [
        {
          "title": "Connect GitHub Enterprise Audit Log to Azure Sentinel",
          "description": "Enable GitHub audit Logs. \n Follow [this](https://docs.github.com/en/github/authenticating-to-github/keeping-your-account-and-data-secure/creating-a-personal-access-token) to create or find your personal key",
          "instructions": [
            {
              "parameters": {
                "enable": "true",
                "userRequestPlaceHoldersInput": [
                  {
                    "displayText": "Organization Name",
                    "requestObjectKey": "apiEndpoint",
                    "placeHolderName": "{{placeHolder1}}",
                    "placeHolderValue": ""
                  }
                ]
              },
              "type": "APIKey"
            }
          ]
        }
      ]
    },
    "pollingConfig": {
      "auth": {
        "authType": "APIKey",
        "apiKeyIdentifier": "token",
        "apiKeyName": "Authorization"
      },
      "request": {
        "apiEndpoint": "https://api.github.com/organizations/{{placeHolder1}}/audit-log",
        "rateLimitQps": 50,
        "queryWindowInMin": 15,
        "httpMethod": "Get",
        "queryTimeFormat": "yyyy-MM-ddTHH:mm:ssZ",
        "retryCount": 2,
        "timeoutInSeconds": 60,
        "headers": {
          "Accept": "application/json",
          "User-Agent": "Scuba"
        },
        "queryParameters": {
          "phrase": "created:{_QueryWindowStartTime}..{_QueryWindowEndTime}"
        }
      },
      "paging": {
        "pagingType": "LinkHeader",
        "pageSizeParaName": "per_page"
      },
      "response": {
        "eventsJsonPaths": [
          "$"
        ]
      }
    }
  }
}

Get a ASC data connector

Sample Request

GET https://management.azure.com/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/763f9fa1-c2d3-4fa2-93e9-bccd4899aa12?api-version=2022-07-01-preview

Sample Response

{
  "id": "/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/763f9fa1-c2d3-4fa2-93e9-bccd4899aa12",
  "name": "763f9fa1-c2d3-4fa2-93e9-bccd4899aa12",
  "type": "Microsoft.SecurityInsights/dataConnectors",
  "kind": "AzureSecurityCenter",
  "etag": "\"0300bf09-0000-0000-0000-5c37296e0000\"",
  "properties": {
    "subscriptionId": "c0688291-89d7-4bed-87a2-a7b1bff43f4c",
    "dataTypes": {
      "alerts": {
        "state": "Enabled"
      }
    }
  }
}

Get a Dynamics365 data connector

Sample Request

GET https://management.azure.com/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/c2541efb-c9a6-47fe-9501-87d1017d1512?api-version=2022-07-01-preview

Sample Response

{
  "id": "/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/3d3e955e-33eb-401d-89a7-251c81ddd660",
  "name": "c2541efb-c9a6-47fe-9501-87d1017d1512",
  "type": "Microsoft.SecurityInsights/dataConnectors",
  "kind": "Dynamics365",
  "etag": "\"0300bf09-0000-0000-0000-5c37296e0000\"",
  "properties": {
    "tenantId": "2070ecc9-b4d5-4ae4-adaa-936fa1954fa8",
    "dataTypes": {
      "dynamics365CdsActivities": {
        "state": "Enabled"
      }
    }
  }
}

Get a GenericUI data connector

Sample Request

GET https://management.azure.com/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/316ec55e-7138-4d63-ab18-90c8a60fd1c8?api-version=2022-07-01-preview

Sample Response

{
  "id": "/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/316ec55e-7138-4d63-ab18-90c8a60fd1c8",
  "name": "316ec55e-7138-4d63-ab18-90c8a60fd1c8",
  "etag": "\"1a00b074-0000-0100-0000-606ef5bd0000\"",
  "type": "Microsoft.SecurityInsights/dataConnectors",
  "kind": "GenericUI",
  "properties": {
    "connectorUiConfig": {
      "title": "Qualys Vulnerability Management (CCP DEMO)",
      "publisher": "Qualys",
      "descriptionMarkdown": "The [Qualys Vulnerability Management (VM)](https://www.qualys.com/apps/vulnerability-management/) data connector provides the capability to ingest vulnerability host detection data into Azure Sentinel through the Qualys API. The connector provides visibility into host detection data from vulerability scans. This connector provides Azure Sentinel the capability to view dashboards, create custom alerts, and improve investigation ",
      "customImage": "The image connector content",
      "graphQueriesTableName": "QualysHostDetection_CL",
      "graphQueries": [
        {
          "metricName": "Total data received",
          "legend": "{{graphQueriesTableName}}",
          "baseQuery": "{{graphQueriesTableName}}"
        }
      ],
      "sampleQueries": [
        {
          "description": "Top 10 Vulerabilities detected",
          "query": "{{graphQueriesTableName}}\n | mv-expand todynamic(Detections_s)\n | extend Vulnerability = tostring(Detections_s.Results)\n | summarize count() by Vulnerability\n | top 10 by count_"
        }
      ],
      "dataTypes": [
        {
          "name": "{{graphQueriesTableName}}",
          "lastDataReceivedQuery": "{{graphQueriesTableName}}\n            | summarize Time = max(TimeGenerated)\n            | where isnotempty(Time)"
        }
      ],
      "connectivityCriteria": [
        {
          "type": "IsConnectedQuery",
          "value": [
            "{{graphQueriesTableName}}\n            | summarize LastLogReceived = max(TimeGenerated)\n            | project IsConnected = LastLogReceived > ago(30d)"
          ]
        }
      ],
      "availability": {
        "status": 1,
        "isPreview": true
      },
      "permissions": {
        "resourceProvider": [
          {
            "provider": "Microsoft.OperationalInsights/workspaces",
            "permissionsDisplayText": "read and write permissions on the workspace are required.",
            "providerDisplayName": "Workspace",
            "scope": "Workspace",
            "requiredPermissions": {
              "write": true,
              "read": true,
              "delete": true
            }
          },
          {
            "provider": "Microsoft.OperationalInsights/workspaces/sharedKeys",
            "permissionsDisplayText": "read permissions to shared keys for the workspace are required. [See the documentation to learn more about workspace keys](https://docs.microsoft.com/azure/azure-monitor/platform/agent-windows#obtain-workspace-id-and-key).",
            "providerDisplayName": "Keys",
            "scope": "Workspace",
            "requiredPermissions": {
              "action": true
            }
          }
        ],
        "customs": [
          {
            "name": "Microsoft.Web/sites permissions",
            "description": "Read and write permissions to Azure Functions to create a Function App is required. [See the documentation to learn more about Azure Functions](https://docs.microsoft.com/azure/azure-functions/)."
          },
          {
            "name": "Qualys API Key",
            "description": "A Qualys VM API username and password is required. [See the documentation to learn more about Qualys VM API](https://www.qualys.com/docs/qualys-api-vmpc-user-guide.pdf)."
          }
        ]
      },
      "instructionSteps": [
        {
          "title": "",
          "description": ">**NOTE:** This connector uses Azure Functions to connect to Qualys VM to pull its logs into Azure Sentinel. This might result in additional data ingestion costs. Check the [Azure Functions pricing page](https://azure.microsoft.com/pricing/details/functions/) for details."
        },
        {
          "title": "",
          "description": ">**(Optional Step)** Securely store workspace and API authorization key(s) or token(s) in Azure Key Vault. Azure Key Vault provides a secure mechanism to store and retrieve key values. [Follow these instructions](https://docs.microsoft.com/azure/app-service/app-service-key-vault-references) to use Azure Key Vault with an Azure Function App."
        },
        {
          "title": "",
          "description": "**STEP 1 - Configuration steps for the Qualys VM API**\n\n1. Log into the Qualys Vulnerability Management console with an administrator account, select the **Users** tab and the **Users** subtab. \n2. Click on the **New** drop-down menu and select **Users..**\n3. Create a username and password for the API account. \n4. In the **User Roles** tab, ensure the account role is set to **Manager** and access is allowed to **GUI** and **API**\n4. Log out of the administrator account and log into the console with the new API credentials for validation, then log out of the API account. \n5. Log back into the console using an administrator account and modify the API accounts User Roles, removing access to **GUI**. \n6. Save all changes."
        },
        {
          "title": "",
          "description": "**STEP 2 - Choose ONE from the following two deployment options to deploy the connector and the associated Azure Function**\n\n>**IMPORTANT:** Before deploying the Qualys VM connector, have the Workspace ID and Workspace Primary Key (can be copied from the following), as well as the Qualys VM API Authorization Key(s), readily available.",
          "instructions": [
            {
              "parameters": {
                "fillWith": [
                  "WorkspaceId"
                ],
                "label": "Workspace ID"
              },
              "type": "CopyableLabel"
            },
            {
              "parameters": {
                "fillWith": [
                  "PrimaryKey"
                ],
                "label": "Primary Key"
              },
              "type": "CopyableLabel"
            }
          ]
        },
        {
          "title": "Option 1 - Azure Resource Manager (ARM) Template",
          "description": "Use this method for automated deployment of the Qualys VM connector using an ARM Tempate.\n\n1. Click the **Deploy to Azure** button below. \n\n\t[![Deploy To Azure](https://aka.ms/deploytoazurebutton)](https://aka.ms/sentinelqualysvmazuredeploy)\n2. Select the preferred **Subscription**, **Resource Group** and **Location**. \n3. Enter the **Workspace ID**, **Workspace Key**, **API Username**, **API Password** , update the **URI**, and any additional URI **Filter Parameters** (each filter should be separated by an \"&\" symbol, no spaces.) \n> - Enter the URI that corresponds to your region. The complete list of API Server URLs can be [found here](https://www.qualys.com/docs/qualys-api-vmpc-user-guide.pdf#G4.735348) -- There is no need to add a time suffix to the URI, the Function App will dynamically append the Time Value to the URI in the proper format. \n - The default **Time Interval** is set to pull the last five (5) minutes of data. If the time interval needs to be modified, it is recommended to change the Function App Timer Trigger accordingly (in the function.json file, post deployment) to prevent overlapping data ingestion. \n> - Note: If using Azure Key Vault secrets for any of the values above, use the`@Microsoft.KeyVault(SecretUri={Security Identifier})`schema in place of the string values. Refer to [Key Vault references documentation](https://docs.microsoft.com/azure/app-service/app-service-key-vault-references) for further details. \n4. Mark the checkbox labeled **I agree to the terms and conditions stated above**. \n5. Click **Purchase** to deploy."
        },
        {
          "title": "Option 2 - Manual Deployment of Azure Functions",
          "description": "Use the following step-by-step instructions to deploy the Quayls VM connector manually with Azure Functions."
        },
        {
          "title": "",
          "description": "**1. Create a Function App**\n\n1.  From the Azure Portal, navigate to [Function App](https://portal.azure.com/#blade/HubsExtension/BrowseResource/resourceType/Microsoft.Web%2Fsites/kind/functionapp), and select **+ Add**.\n2. In the **Basics** tab, ensure Runtime stack is set to **Powershell Core**. \n3. In the **Hosting** tab, ensure the **Consumption (Serverless)** plan type is selected.\n4. Make other preferrable configuration changes, if needed, then click **Create**."
        },
        {
          "title": "",
          "description": "**2. Import Function App Code**\n\n1. In the newly created Function App, select **Functions** on the left pane and click **+ New Function**.\n2. Select **Timer Trigger**.\n3. Enter a unique Function **Name** and leave the default cron schedule of every 5 minutes, then click **Create**.\n5. Click on **Code + Test** on the left pane. \n6. Copy the [Function App Code](https://aka.ms/sentinelqualysvmazurefunctioncode) and paste into the Function App `run.ps1` editor.\n7. Click **Save**."
        },
        {
          "title": "",
          "description": "**3. Configure the Function App**\n\n1. In the Function App, select the Function App Name and select **Configuration**.\n2. In the **Application settings** tab, select **+ New application setting**.\n3. Add each of the following seven (7) application settings individually, with their respective string values (case-sensitive): \n\t\tapiUsername\n\t\tapiPassword\n\t\tworkspaceID\n\t\tworkspaceKey\n\t\turi\n\t\tfilterParameters\n\t\ttimeInterval\n> - Enter the URI that corresponds to your region. The complete list of API Server URLs can be [found here](https://www.qualys.com/docs/qualys-api-vmpc-user-guide.pdf#G4.735348). The `uri` value must follow the following schema: `https://<API Server>/api/2.0/fo/asset/host/vm/detection/?action=list&vm_processed_after=` -- There is no need to add a time suffix to the URI, the Function App will dynamically append the Time Value to the URI in the proper format.\n> - Add any additional filter parameters, for the `filterParameters` variable, that need to be appended to the URI. Each parameter should be seperated by an \"&\" symbol and should not include any spaces.\n> - Set the `timeInterval` (in minutes) to the value of `5` to correspond to the Timer Trigger of every `5` minutes. If the time interval needs to be modified, it is recommended to change the Function App Timer Trigger accordingly to prevent overlapping data ingestion.\n> - Note: If using Azure Key Vault, use the`@Microsoft.KeyVault(SecretUri={Security Identifier})`schema in place of the string values. Refer to [Key Vault references documentation](https://docs.microsoft.com/azure/app-service/app-service-key-vault-references) for further details.\n4. Once all application settings have been entered, click **Save**."
        },
        {
          "title": "",
          "description": "**4. Configure the host.json**.\n\nDue to the potentially large amount of Qualys host detection data being ingested, it can cause the execution time to surpass the default Function App timeout of five (5) minutes. Increase the default timeout duration to the maximum of ten (10) minutes, under the Consumption Plan, to allow more time for the Function App to execute.\n\n1. In the Function App, select the Function App Name and select the **App Service Editor** blade.\n2. Click **Go** to open the editor, then select the **host.json** file under the **wwwroot** directory.\n3. Add the line `\"functionTimeout\": \"00:10:00\",` above the `managedDependancy` line \n4. Ensure **SAVED** appears on the top right corner of the editor, then exit the editor.\n\n> NOTE: If a longer timeout duration is required, consider upgrading to an [App Service Plan](https://docs.microsoft.com/azure/azure-functions/functions-scale#timeout)"
        }
      ]
    }
  }
}

Get a IoT data connector

Sample Request

GET https://management.azure.com/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/d2e5dc7a-f3a2-429d-954b-939fa8c2932e?api-version=2022-07-01-preview

Sample Response

{
  "id": "/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/d2e5dc7a-f3a2-429d-954b-939fa8c2932e",
  "name": "d2e5dc7a-f3a2-429d-954b-939fa8c2932e",
  "type": "Microsoft.SecurityInsights/dataConnectors",
  "kind": "IOT",
  "etag": "\"0300bf09-0000-0000-0000-5c37296e0000\"",
  "properties": {
    "subscriptionId": "c0688291-89d7-4bed-87a2-a7b1bff43f4c",
    "dataTypes": {
      "alerts": {
        "state": "Enabled"
      }
    }
  }
}

Get a MCAS data connector

Sample Request

GET https://management.azure.com/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/b96d014d-b5c2-4a01-9aba-a8058f629d42?api-version=2022-07-01-preview

Sample Response

{
  "id": "/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/b96d014d-b5c2-4a01-9aba-a8058f629d42",
  "name": "b96d014d-b5c2-4a01-9aba-a8058f629d42",
  "type": "Microsoft.SecurityInsights/dataConnectors",
  "kind": "MicrosoftCloudAppSecurity",
  "etag": "\"0300bf09-0000-0000-0000-5c37296e0000\"",
  "properties": {
    "tenantId": "2070ecc9-b4d5-4ae4-adaa-936fa1954fa8",
    "dataTypes": {
      "alerts": {
        "state": "Enabled"
      },
      "discoveryLogs": {
        "state": "Enabled"
      }
    }
  }
}

Get a MDATP data connector

Sample Request

GET https://management.azure.com/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/06b3ccb8-1384-4bcc-aec7-852f6d57161b?api-version=2022-07-01-preview

Sample Response

{
  "id": "/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/06b3ccb8-1384-4bcc-aec7-852f6d57161b",
  "name": "06b3ccb8-1384-4bcc-aec7-852f6d57161b",
  "type": "Microsoft.SecurityInsights/dataConnectors",
  "kind": "MicrosoftDefenderAdvancedThreatProtection",
  "etag": "\"0300bf09-0000-0000-0000-5c37296e0000\"",
  "properties": {
    "tenantId": "2070ecc9-b4d5-4ae4-adaa-936fa1954fa8",
    "dataTypes": {
      "alerts": {
        "state": "Enabled"
      }
    }
  }
}

Get a MicrosoftThreatIntelligence data connector

Sample Request

GET https://management.azure.com/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/c345bf40-8509-4ed2-b947-50cb773aaf04?api-version=2022-07-01-preview

Sample Response

{
  "id": "/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/c345bf40-8509-4ed2-b947-50cb773aaf04",
  "name": "c345bf40-8509-4ed2-b947-50cb773aaf04",
  "type": "Microsoft.SecurityInsights/dataConnectors",
  "kind": "MicrosoftThreatIntelligence",
  "etag": "\"0300bf09-0000-0000-0000-5c37296e0000\"",
  "properties": {
    "tenantId": "2070ecc9-b4d5-4ae4-adaa-936fa1954fa8",
    "dataTypes": {
      "bingSafetyPhishingURL": {
        "state": "Enabled",
        "lookbackPeriod": "example ??"
      },
      "microsoftEmergingThreatFeed": {
        "state": "Enabled",
        "lookbackPeriod": "example"
      }
    }
  }
}

Get a MicrosoftThreatProtection data connector

Sample Request

GET https://management.azure.com/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/c345bf40-8509-4ed2-b947-50cb773aaf04?api-version=2022-07-01-preview

Sample Response

{
  "id": "/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/c345bf40-8509-4ed2-b947-50cb773aaf04",
  "name": "c345bf40-8509-4ed2-b947-50cb773aaf04",
  "type": "Microsoft.SecurityInsights/dataConnectors",
  "kind": "MicrosoftThreatProtection",
  "etag": "\"0300bf09-0000-0000-0000-5c37296e0000\"",
  "properties": {
    "tenantId": "2070ecc9-b4d5-4ae4-adaa-936fa1954fa8",
    "dataTypes": {
      "incidents": {
        "state": "Enabled"
      }
    }
  }
}

Get a TI data connector

Sample Request

GET https://management.azure.com/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/c345bf40-8509-4ed2-b947-50cb773aaf04?api-version=2022-07-01-preview

Sample Response

{
  "id": "/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/c345bf40-8509-4ed2-b947-50cb773aaf04",
  "name": "c345bf40-8509-4ed2-b947-50cb773aaf04",
  "type": "Microsoft.SecurityInsights/dataConnectors",
  "kind": "ThreatIntelligence",
  "etag": "\"0300bf09-0000-0000-0000-5c37296e0000\"",
  "properties": {
    "tenantId": "2070ecc9-b4d5-4ae4-adaa-936fa1954fa8",
    "tipLookbackPeriod": "2020-01-01T13:00:30.123Z",
    "dataTypes": {
      "indicators": {
        "state": "Enabled"
      }
    }
  }
}

Get a TI Taxii data connector.

Sample Request

GET https://management.azure.com/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/c39bb458-02a7-4b3f-b0c8-71a1d2692652?api-version=2022-07-01-preview

Sample Response

{
  "id": "/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/c39bb458-02a7-4b3f-b0c8-71a1d2692652",
  "name": "c39bb458-02a7-4b3f-b0c8-71a1d2692652",
  "type": "Microsoft.SecurityInsights/dataConnectors",
  "kind": "ThreatIntelligenceTaxii",
  "etag": "\"0300bf09-0000-0000-0000-5c37296e0000\"",
  "properties": {
    "tenantId": "2070ecc9-b4d5-4ae4-adaa-936fa1954fa8",
    "workspaceId": "8b014a77-4695-4ef4-96bb-6623afb121a2",
    "friendlyName": "My TI Taxii Connector",
    "taxiiServer": "https://mytaxiiserver.com/taxiing/v2/api",
    "collectionId": "e0b1f32d-1188-48f7-a7a3-de71924e4b5e",
    "userName": "",
    "password": "",
    "taxiiLookbackPeriod": "2020-01-01T13:00:30.123Z",
    "pollingFrequency": "OnceADay",
    "dataTypes": {
      "taxiiClient": {
        "state": "Enabled"
      }
    }
  }
}

Get an AAD data connector

Sample Request

GET https://management.azure.com/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/f0cd27d2-5f03-4c06-ba31-d2dc82dcb51d?api-version=2022-07-01-preview

Sample Response

{
  "id": "/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/f0cd27d2-5f03-4c06-ba31-d2dc82dcb51d",
  "name": "f0cd27d2-5f03-4c06-ba31-d2dc82dcb51d",
  "type": "Microsoft.SecurityInsights/dataConnectors",
  "kind": "AzureActiveDirectory",
  "etag": "\"0300bf09-0000-0000-0000-5c37296e0000\"",
  "properties": {
    "tenantId": "2070ecc9-b4d5-4ae4-adaa-936fa1954fa8",
    "dataTypes": {
      "alerts": {
        "state": "Enabled"
      }
    }
  }
}

Get an AATP data connector

Sample Request

GET https://management.azure.com/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/07e42cb3-e658-4e90-801c-efa0f29d3d44?api-version=2022-07-01-preview

Sample Response

{
  "id": "/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/07e42cb3-e658-4e90-801c-efa0f29d3d44",
  "name": "07e42cb3-e658-4e90-801c-efa0f29d3d44",
  "type": "Microsoft.SecurityInsights/dataConnectors",
  "kind": "AzureAdvancedThreatProtection",
  "etag": "\"0300bf09-0000-0000-0000-5c37296e0000\"",
  "properties": {
    "tenantId": "2070ecc9-b4d5-4ae4-adaa-936fa1954fa8",
    "dataTypes": {
      "alerts": {
        "state": "Enabled"
      }
    }
  }
}

Get an Aws S3 data connector

Sample Request

GET https://management.azure.com/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/afef3743-0c88-469c-84ff-ca2e87dc1e48?api-version=2022-07-01-preview

Sample Response

{
  "id": "/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/afef3743-0c88-469c-84ff-ca2e87dc1e48",
  "name": "afef3743-0c88-469c-84ff-ca2e87dc1e48",
  "type": "Microsoft.SecurityInsights/dataConnectors",
  "etag": "\"0300bf09-0000-0000-0000-5c37296e0000\"",
  "kind": "AmazonWebServicesS3",
  "properties": {
    "destinationTable": "AWSVPCFlow",
    "roleArn": "arn:aws:iam::072643944673:role/RoleName",
    "sqsUrls": [
      "https://sqs.us-west-1.amazonaws.com/111111111111/sqsTestName"
    ],
    "dataTypes": {
      "logs": {
        "state": "Enabled"
      }
    }
  }
}

Get an AwsCloudTrail data connector

Sample Request

GET https://management.azure.com/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/c345bf40-8509-4ed2-b947-50cb773aaf04?api-version=2022-07-01-preview

Sample Response

{
  "id": "/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/c345bf40-8509-4ed2-b947-50cb773aaf04",
  "name": "c345bf40-8509-4ed2-b947-50cb773aaf04",
  "type": "Microsoft.SecurityInsights/dataConnectors",
  "etag": "\"0300bf09-0000-0000-0000-5c37296e0000\"",
  "kind": "AmazonWebServicesCloudTrail",
  "properties": {
    "awsRoleArn": "myAwsRoleArn",
    "dataTypes": {
      "logs": {
        "state": "Enabled"
      }
    }
  }
}

Get an Office ATP data connector

Sample Request

GET https://management.azure.com/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/3d3e955e-33eb-401d-89a7-251c81ddd660?api-version=2022-07-01-preview

Sample Response

{
  "id": "/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/3d3e955e-33eb-401d-89a7-251c81ddd660",
  "name": "3d3e955e-33eb-401d-89a7-251c81ddd660",
  "type": "Microsoft.SecurityInsights/dataConnectors",
  "kind": "OfficeATP",
  "etag": "\"0300bf09-0000-0000-0000-5c37296e0000\"",
  "properties": {
    "tenantId": "2070ecc9-b4d5-4ae4-adaa-936fa1954fa8",
    "dataTypes": {
      "alerts": {
        "state": "Enabled"
      }
    }
  }
}

Get an Office IRM data connector

Sample Request

GET https://management.azure.com/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/3d3e955e-33eb-401d-89a7-251c81ddd660?api-version=2022-07-01-preview

Sample Response

{
  "id": "/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/3d3e955e-33eb-401d-89a7-251c81ddd660",
  "name": "3d3e955e-33eb-401d-89a7-251c81ddd660",
  "type": "Microsoft.SecurityInsights/dataConnectors",
  "kind": "OfficeIRM",
  "etag": "\"0300bf09-0000-0000-0000-5c37296e0000\"",
  "properties": {
    "tenantId": "2070ecc9-b4d5-4ae4-adaa-936fa1954fa8",
    "dataTypes": {
      "alerts": {
        "state": "Enabled"
      }
    }
  }
}

Get an Office365 data connector.

Sample Request

GET https://management.azure.com/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/73e01a99-5cd7-4139-a149-9f2736ff2ab5?api-version=2022-07-01-preview

Sample Response

{
  "id": "/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/73e01a99-5cd7-4139-a149-9f2736ff2ab5",
  "name": "73e01a99-5cd7-4139-a149-9f2736ff2ab5",
  "type": "Microsoft.SecurityInsights/dataConnectors",
  "kind": "Office365",
  "etag": "\"0300bf09-0000-0000-0000-5c37296e0000\"",
  "properties": {
    "tenantId": "2070ecc9-b4d5-4ae4-adaa-936fa1954fa8",
    "dataTypes": {
      "sharePoint": {
        "state": "Enabled"
      },
      "exchange": {
        "state": "Enabled"
      },
      "teams": {
        "state": "Enabled"
      }
    }
  }
}

Get an Office365 PowerBI data connector

Sample Request

GET https://management.azure.com/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/73e01a99-5cd7-4139-a149-9f2736ff2ab5?api-version=2022-07-01-preview

Sample Response

{
  "id": "/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/73e01a99-5cd7-4139-a149-9f2736ff2ab5",
  "name": "73e01a99-5cd7-4139-a149-9f2736ff2ab5",
  "type": "Microsoft.SecurityInsights/dataConnectors",
  "kind": "OfficePowerBI",
  "etag": "\"0300bf09-0000-0000-0000-5c37296e0000\"",
  "properties": {
    "tenantId": "2070ecc9-b4d5-4ae4-adaa-936fa1954fa8",
    "dataTypes": {
      "logs": {
        "state": "Enabled"
      }
    }
  }
}

Get an Office365 Project data connector

Sample Request

GET https://management.azure.com/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/73e01a99-5cd7-4139-a149-9f2736ff2ab5?api-version=2022-07-01-preview

Sample Response

{
  "id": "/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/73e01a99-5cd7-4139-a149-9f2736ff2ab5",
  "name": "73e01a99-5cd7-4139-a149-9f2736ff2ab5",
  "type": "Microsoft.SecurityInsights/dataConnectors",
  "kind": "Office365Project",
  "etag": "\"0300bf09-0000-0000-0000-5c37296e0000\"",
  "properties": {
    "tenantId": "2070ecc9-b4d5-4ae4-adaa-936fa1954fa8",
    "dataTypes": {
      "logs": {
        "state": "Enabled"
      }
    }
  }
}

Definisi

AADDataConnector

Mewakili konektor data AAD (Azure Active Directory).

AATPDataConnector

Mewakili konektor data AATP (Azure Advanced Threat Protection).

AlertsDataTypeOfDataConnector

Memperingatkan jenis data untuk konektor data.

ASCDataConnector

Mewakili konektor data ASC (Azure Security Center).

Availability

Status Ketersediaan Konektor

AvailabilityStatus

Status Ketersediaan konektor

AwsCloudTrailDataConnector

Mewakili konektor data Amazon Web Services CloudTrail.

AwsCloudTrailDataConnectorDataTypes

Jenis data yang tersedia untuk konektor data Amazon Web Services CloudTrail.

AwsS3DataConnector

Mewakili konektor data Amazon Web Services S3.

AwsS3DataConnectorDataTypes

Jenis data yang tersedia untuk konektor data Amazon Web Services S3.

BingSafetyPhishingURL

Jenis data untuk konektor data Platform Inteligensi Ancaman Microsoft.

CloudError

Struktur respons kesalahan.

CloudErrorBody

Detail kesalahan.

CodelessApiPollingDataConnector

Mewakili konektor data Polling API Tanpa Kode.

CodelessConnectorPollingAuthProperties

Menjelaskan properti autentikasi yang diperlukan agar berhasil mengautentikasi dengan server

CodelessConnectorPollingConfigProperties

Konfigurasi untuk menjelaskan konfigurasi polling untuk konektor poller API

CodelessConnectorPollingPagingProperties

Menjelaskan properti yang diperlukan untuk melakukan panggilan penomoran halaman

CodelessConnectorPollingRequestProperties

Menjelaskan properti permintaan yang diperlukan agar berhasil menarik dari server

CodelessConnectorPollingResponseProperties

Menjelaskan respons dari server eksternal

CodelessUiConnectorConfigProperties

Konfigurasi untuk menjelaskan bilah instruksi

CodelessUiDataConnector

Mewakili konektor data UI Tanpa Kode.

ConnectivityCriteria

Pengaturan untuk konektivitas pemeriksaan konektor

ConnectivityType

jenis konektivitas

createdByType

Jenis identitas yang membuat sumber daya.

Customs

Izin kustom yang diperlukan untuk konektor

DataConnectorDataTypeCommon

Bidang umum untuk jenis data dalam konektor data.

DataConnectorKind

Jenis konektor data

DataTypes

Jenis data untuk memeriksa data terakhir yang diterima

DataTypeState

Jelaskan apakah koneksi tipe data ini diaktifkan atau tidak.

Dynamics365CdsActivities

Koneksi jenis data Common Data Service.

Dynamics365DataConnector

Mewakili konektor data Dynamics365.

Dynamics365DataConnectorDataTypes

Jenis data yang tersedia untuk konektor data Dynamics365.

Exchange

Koneksi jenis data Exchange.

GraphQueries

Kueri grafik untuk memperlihatkan status data saat ini

Incidents

Jenis data untuk konektor data Platform Perlindungan Ancaman Microsoft.

Indicators

Jenis data untuk koneksi indikator.

Instructions

Detail langkah instruksi

InstructionSteps

Langkah-langkah instruksi untuk mengaktifkan konektor

IoTDataConnector

Mewakili konektor data IoT.

Logs

Jenis data log.

MCASDataConnector

Mewakili konektor data MCAS (Microsoft Cloud App Security).

MCASDataConnectorDataTypes

Jenis data yang tersedia untuk konektor data MCAS (Microsoft Cloud App Security).

MDATPDataConnector

Mewakili konektor data MDATP (Microsoft Defender Advanced Threat Protection).

MicrosoftEmergingThreatFeed

Jenis data untuk konektor data Platform Inteligensi Ancaman Microsoft.

MSTIDataConnector

Mewakili konektor data Inteligensi Ancaman Microsoft.

MSTIDataConnectorDataTypes

Jenis data yang tersedia untuk konektor data Platform Inteligensi Ancaman Microsoft.

MTPDataConnector

Mewakili konektor data MTP (Microsoft Threat Protection).

MTPDataConnectorDataTypes

Jenis data yang tersedia untuk konektor data Platform Perlindungan Ancaman Microsoft.

Office365ProjectConnectorDataTypes

Tipe data yang tersedia untuk konektor data Office Microsoft Project.

Office365ProjectDataConnector

Mewakili konektor data Office Microsoft Project.

OfficeATPDataConnector

Mewakili konektor data OfficeATP (Office 365 Advanced Threat Protection).

OfficeDataConnector

Mewakili konektor data office.

OfficeDataConnectorDataTypes

Jenis data yang tersedia untuk konektor data office.

OfficeIRMDataConnector

Mewakili konektor data OfficeIRM (Microsoft Insider Risk Management).

OfficePowerBIConnectorDataTypes

Tipe data yang tersedia untuk konektor data Office Microsoft PowerBI.

OfficePowerBIDataConnector

Mewakili konektor data Office Microsoft PowerBI.

PermissionProviderScope

Cakupan penyedia izin

Permissions

Izin yang diperlukan untuk konektor

PollingFrequency

Frekuensi polling untuk server TAXII.

ProviderName

Nama Penyedia

RequiredPermissions

Izin yang diperlukan untuk konektor

ResourceProvider

Izin penyedia sumber daya diperlukan untuk konektor

SampleQueries

Contoh kueri untuk konektor

SettingType

Jenis pengaturan

SharePoint

Koneksi jenis data SharePoint.

systemData

Metadata yang berkaitan dengan pembuatan dan modifikasi terakhir sumber daya.

TaxiiClient

Jenis data untuk konektor TAXII.

Teams

Koneksi jenis data Teams.

TIDataConnector

Mewakili konektor data inteligensi ancaman.

TIDataConnectorDataTypes

Jenis data yang tersedia untuk konektor data TI (Inteligensi Ancaman).

TiTaxiiDataConnector

Konektor data untuk menarik data Inteligensi ancaman dari server TAXII 2.0/2.1

TiTaxiiDataConnectorDataTypes

Jenis data yang tersedia untuk konektor data TAXII Inteligensi Ancaman.

AADDataConnector

Mewakili konektor data AAD (Azure Active Directory).

Name Type Description
etag
  • string

Etag sumber daya azure

id
  • string

ID sumber daya yang sepenuhnya memenuhi syarat untuk sumber daya. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}

kind string:
  • AzureActiveDirectory

Jenis konektor data

name
  • string

Nama sumber daya.

properties.dataTypes

Jenis data yang tersedia untuk konektor.

properties.tenantId
  • string

Id penyewa untuk disambungkan, dan mendapatkan data dari.

systemData

Metadata Azure Resource Manager berisi informasi createdBy dan modifiedBy.

type
  • string

Jenis sumber daya. Misalnya, "Microsoft.Compute/virtualMachines" atau "Microsoft.Storage/storageAccounts"

AATPDataConnector

Mewakili konektor data AATP (Azure Advanced Threat Protection).

Name Type Description
etag
  • string

Etag sumber daya azure

id
  • string

ID sumber daya yang sepenuhnya memenuhi syarat untuk sumber daya. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}

kind string:
  • AzureAdvancedThreatProtection

Jenis konektor data

name
  • string

Nama sumber daya.

properties.dataTypes

Jenis data yang tersedia untuk konektor.

properties.tenantId
  • string

Id penyewa untuk disambungkan, dan mendapatkan data dari.

systemData

Metadata Azure Resource Manager berisi informasi createdBy dan modifiedBy.

type
  • string

Jenis sumber daya. Misalnya, "Microsoft.Compute/virtualMachines" atau "Microsoft.Storage/storageAccounts"

AlertsDataTypeOfDataConnector

Memperingatkan jenis data untuk konektor data.

Name Type Description
alerts

Memperingatkan koneksi jenis data.

ASCDataConnector

Mewakili konektor data ASC (Azure Security Center).

Name Type Description
etag
  • string

Etag sumber daya azure

id
  • string

ID sumber daya yang sepenuhnya memenuhi syarat untuk sumber daya. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}

kind string:
  • AzureSecurityCenter

Jenis konektor data

name
  • string

Nama sumber daya.

properties.dataTypes

Jenis data yang tersedia untuk konektor.

properties.subscriptionId
  • string

Id langganan untuk disambungkan, dan mendapatkan data dari.

systemData

Metadata Azure Resource Manager berisi informasi createdBy dan modifiedBy.

type
  • string

Jenis sumber daya. Misalnya, "Microsoft.Compute/virtualMachines" atau "Microsoft.Storage/storageAccounts"

Availability

Status Ketersediaan Konektor

Name Type Description
isPreview
  • boolean

Mengatur konektor sebagai pratinjau

status

Status Ketersediaan konektor

AvailabilityStatus

Status Ketersediaan konektor

Name Type Description
1
  • Integer

AwsCloudTrailDataConnector

Mewakili konektor data Amazon Web Services CloudTrail.

Name Type Description
etag
  • string

Etag sumber daya azure

id
  • string

ID sumber daya yang sepenuhnya memenuhi syarat untuk sumber daya. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}

kind string:
  • AmazonWebServicesCloudTrail

Jenis konektor data

name
  • string

Nama sumber daya.

properties.awsRoleArn
  • string

Aws Role Arn (dengan kebijakan CloudTrailReadOnly) yang digunakan untuk mengakses akun Aws.

properties.dataTypes

Jenis data yang tersedia untuk konektor.

systemData

Metadata Azure Resource Manager berisi informasi createdBy dan modifiedBy.

type
  • string

Jenis sumber daya. Misalnya, "Microsoft.Compute/virtualMachines" atau "Microsoft.Storage/storageAccounts"

AwsCloudTrailDataConnectorDataTypes

Jenis data yang tersedia untuk konektor data Amazon Web Services CloudTrail.

Name Type Description
logs

Jenis data log.

AwsS3DataConnector

Mewakili konektor data Amazon Web Services S3.

Name Type Description
etag
  • string

Etag sumber daya azure

id
  • string

ID sumber daya yang sepenuhnya memenuhi syarat untuk sumber daya. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}

kind string:
  • AmazonWebServicesS3

Jenis konektor data

name
  • string

Nama sumber daya.

properties.dataTypes

Jenis data yang tersedia untuk konektor.

properties.destinationTable
  • string

Nama tabel tujuan log di LogAnalytics.

properties.roleArn
  • string

Arn Peran Aws yang digunakan untuk mengakses akun Aws.

properties.sqsUrls
  • string[]

URL AWS sqs untuk konektor.

systemData

Metadata Azure Resource Manager berisi informasi createdBy dan modifiedBy.

type
  • string

Jenis sumber daya. Misalnya, "Microsoft.Compute/virtualMachines" atau "Microsoft.Storage/storageAccounts"

AwsS3DataConnectorDataTypes

Jenis data yang tersedia untuk konektor data Amazon Web Services S3.

Name Type Description
logs

Jenis data log.

BingSafetyPhishingURL

Jenis data untuk konektor data Platform Inteligensi Ancaman Microsoft.

Name Type Description
lookbackPeriod
  • string

periode lookback

state

Jelaskan apakah koneksi tipe data ini diaktifkan atau tidak.

CloudError

Struktur respons kesalahan.

Name Type Description
error

Data kesalahan

CloudErrorBody

Detail kesalahan.

Name Type Description
code
  • string

Pengidentifikasi untuk kesalahan. Kode tidak berubah dan dimaksudkan untuk dikonsumsi secara terprogram.

message
  • string

Pesan yang menjelaskan kesalahan, dimaksudkan agar cocok untuk ditampilkan di antarmuka pengguna.

CodelessApiPollingDataConnector

Mewakili konektor data Polling API Tanpa Kode.

Name Type Description
etag
  • string

Etag sumber daya azure

id
  • string

ID sumber daya yang sepenuhnya memenuhi syarat untuk sumber daya. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}

kind string:
  • APIPolling

Jenis konektor data

name
  • string

Nama sumber daya.

properties.connectorUiConfig

Konfigurasi untuk menjelaskan bilah instruksi

properties.pollingConfig

Konfigurasi untuk menjelaskan instruksi polling

systemData

Metadata Azure Resource Manager berisi informasi createdBy dan modifiedBy.

type
  • string

Jenis sumber daya. Misalnya, "Microsoft.Compute/virtualMachines" atau "Microsoft.Storage/storageAccounts"

CodelessConnectorPollingAuthProperties

Menjelaskan properti autentikasi yang diperlukan agar berhasil mengautentikasi dengan server

Name Type Description
apiKeyIdentifier
  • string

Awalan dikirim di header sebelum token aktual

apiKeyName
  • string

Nama header tempat token dikirim

authType
  • string

Jenis autentikasi

authorizationEndpoint
  • string

Titik akhir yang digunakan untuk mengotorisasi pengguna, digunakan dalam alur Oauth 2.0

authorizationEndpointQueryParameters
  • object

Parameter kueri yang digunakan dalam permintaan otorisasi, digunakan dalam alur Oauth 2.0

flowName
  • string

Menjelaskan nama alur, misalnya 'AuthCode' untuk Oauth 2.0

isApiKeyInPostPayload
  • string

Menandai apakah kunci harus dikirim di header

isClientSecretInHeader
  • boolean

Menandai apakah kita harus mengirim rahasia klien di header atau payload, yang digunakan dalam alur Oauth 2.0

redirectionEndpoint
  • string

Titik akhir pengalihan tempat kita akan mendapatkan kode otorisasi, digunakan dalam alur Oauth 2.0

scope
  • string

Cakupan token OAuth

tokenEndpoint
  • string

Titik akhir yang digunakan untuk mengeluarkan token, digunakan dalam alur Oauth 2.0

tokenEndpointHeaders
  • object

Header kueri yang digunakan dalam permintaan token, digunakan dalam alur Oauth 2.0

tokenEndpointQueryParameters
  • object

Parameter kueri yang digunakan dalam permintaan token, digunakan dalam alur Oauth 2.0

CodelessConnectorPollingConfigProperties

Konfigurasi untuk menjelaskan konfigurasi polling untuk konektor poller API

Name Type Description
auth

Menjelaskan jenis autentikasi poller

isActive
  • boolean

Status aktif poller

paging

Menjelaskan konfigurasi halaman permintaan polling dari poller

request

Menjelaskan parameter konfigurasi permintaan polling dari poller

response

Menjelaskan parameter konfigurasi respons poller

CodelessConnectorPollingPagingProperties

Menjelaskan properti yang diperlukan untuk melakukan panggilan penomoran halaman

Name Type Description
nextPageParaName
  • string

Menentukan nama atribut halaman berikutnya

nextPageTokenJsonPath
  • string

Menentukan jalur ke token halaman berikutnya JSON

pageCountAttributePath
  • string

Menentukan jalur ke atribut jumlah halaman

pageSize
  • integer

Menentukan ukuran halaman

pageSizeParaName
  • string

Menentukan nama parameter ukuran halaman

pageTimeStampAttributePath
  • string

Menentukan jalur ke atribut stempel waktu halaman

pageTotalCountAttributePath
  • string

Menentukan jalur ke atribut jumlah total halaman

pagingType
  • string

Menjelaskan jenisnya. bisa berupa 'None', 'PageToken', 'PageCount', 'TimeStamp'

searchTheLatestTimeStampFromEventsList
  • string

Menentukan apakah akan mencari stempel waktu terbaru dalam daftar peristiwa

CodelessConnectorPollingRequestProperties

Menjelaskan properti permintaan yang diperlukan agar berhasil menarik dari server

Name Type Description
apiEndpoint
  • string

Menjelaskan titik akhir tempat kita harus menarik data

endTimeAttributeName
  • string

Ini akan digunakan peristiwa kueri dari akhir jendela waktu

headers
  • object

Menjelaskan header yang dikirim dalam permintaan polling

httpMethod
  • string

Jenis metode http yang akan kita gunakan dalam permintaan polling, GET atau POST

queryParameters
  • object

Menjelaskan parameter kueri yang dikirim dalam permintaan polling

queryParametersTemplate
  • string

Untuk skenario tingkat lanjut misalnya nama pengguna/kata sandi yang disematkan dalam payload JSON berlapis

queryTimeFormat
  • string

Format waktu akan digunakan peristiwa kueri di jendela tertentu

queryWindowInMin
  • integer

Interval jendela yang akan kita gunakan untuk menarik data

rateLimitQps
  • integer

Menentukan batas tarif QPS

retryCount
  • integer

Menjelaskan jumlah waktu yang harus kita coba dan polling data jika terjadi kegagalan

startTimeAttributeName
  • string

Ini akan digunakan peristiwa kueri dari awal jendela waktu

timeoutInSeconds
  • integer

Jumlah detik yang akan kami pertimbangkan sebagai batas waktu permintaan

CodelessConnectorPollingResponseProperties

Menjelaskan respons dari server eksternal

Name Type Description
eventsJsonPaths
  • string[]

Menjelaskan jalur yang harus kita ekstrak data dalam respons

isGzipCompressed
  • boolean

Menjelaskan apakah data dalam respons adalah Gzip

successStatusJsonPath
  • string

Menjelaskan jalur kita harus mengekstrak kode status dalam respons

successStatusValue
  • string

Menjelaskan jalur kita harus mengekstrak nilai status dalam respons

CodelessUiConnectorConfigProperties

Konfigurasi untuk menjelaskan bilah instruksi

Name Type Description
availability

Status Ketersediaan Konektor

connectivityCriteria

Tentukan cara konektor memeriksa konektivitas

customImage
  • string

Gambar kustom opsional yang akan digunakan saat menampilkan konektor dalam galeri konektor Azure Sentinel

dataTypes

Jenis data untuk memeriksa data terakhir yang diterima

descriptionMarkdown
  • string

Deskripsi konektor

graphQueries

Kueri grafik untuk memperlihatkan status data saat ini

graphQueriesTableName
  • string

Nama tabel tempat konektor akan menyisipkan data

instructionSteps

Langkah-langkah instruksi untuk mengaktifkan konektor

permissions

Izin yang diperlukan untuk konektor

publisher
  • string

Nama penerbit konektor

sampleQueries

Contoh kueri untuk konektor

title
  • string

Judul bilah konektor

CodelessUiDataConnector

Mewakili konektor data UI Tanpa Kode.

Name Type Description
etag
  • string

Etag sumber daya azure

id
  • string

ID sumber daya yang sepenuhnya memenuhi syarat untuk sumber daya. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}

kind string:
  • GenericUI

Jenis konektor data

name
  • string

Nama sumber daya.

properties.connectorUiConfig

Konfigurasi untuk menjelaskan bilah instruksi

systemData

Metadata Azure Resource Manager berisi informasi createdBy dan modifiedBy.

type
  • string

Jenis sumber daya. Misalnya, "Microsoft.Compute/virtualMachines" atau "Microsoft.Storage/storageAccounts"

ConnectivityCriteria

Pengaturan untuk konektivitas pemeriksaan konektor

Name Type Description
type

jenis konektivitas

value
  • string[]

Kueri untuk memeriksa konektivitas

ConnectivityType

jenis konektivitas

Name Type Description
IsConnectedQuery
  • string

createdByType

Jenis identitas yang membuat sumber daya.

Name Type Description
Application
  • string
Key
  • string
ManagedIdentity
  • string
User
  • string

Customs

Izin kustom yang diperlukan untuk konektor

Name Type Description
description
  • string

Deskripsi izin kustom

name
  • string

Nama izin kustom

DataConnectorDataTypeCommon

Bidang umum untuk jenis data dalam konektor data.

Name Type Description
state

Jelaskan apakah koneksi tipe data ini diaktifkan atau tidak.

DataConnectorKind

Jenis konektor data

Name Type Description
APIPolling
  • string
AmazonWebServicesCloudTrail
  • string
AmazonWebServicesS3
  • string
AzureActiveDirectory
  • string
AzureAdvancedThreatProtection
  • string
AzureSecurityCenter
  • string
Dynamics365
  • string
GenericUI
  • string
IOT
  • string
MicrosoftCloudAppSecurity
  • string
MicrosoftDefenderAdvancedThreatProtection
  • string
MicrosoftThreatIntelligence
  • string
MicrosoftThreatProtection
  • string
Office365
  • string
Office365Project
  • string
OfficeATP
  • string
OfficeIRM
  • string
OfficePowerBI
  • string
ThreatIntelligence
  • string
ThreatIntelligenceTaxii
  • string

DataTypes

Jenis data untuk memeriksa data terakhir yang diterima

Name Type Description
lastDataReceivedQuery
  • string

Kueri untuk menunjukkan data terakhir yang diterima

name
  • string

Nama jenis data yang akan diperlihatkan dalam grafik. dapat digunakan dengan tempat penampung {{graphQueriesTableName}}

DataTypeState

Jelaskan apakah koneksi tipe data ini diaktifkan atau tidak.

Name Type Description
Disabled
  • string
Enabled
  • string

Dynamics365CdsActivities

Koneksi jenis data Common Data Service.

Name Type Description
state

Jelaskan apakah koneksi tipe data ini diaktifkan atau tidak.

Dynamics365DataConnector

Mewakili konektor data Dynamics365.

Name Type Description
etag
  • string

Etag sumber daya azure

id
  • string

ID sumber daya yang sepenuhnya memenuhi syarat untuk sumber daya. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}

kind string:
  • Dynamics365

Jenis konektor data

name
  • string

Nama sumber daya.

properties.dataTypes

Jenis data yang tersedia untuk konektor.

properties.tenantId
  • string

Id penyewa untuk disambungkan, dan mendapatkan data dari.

systemData

Metadata Azure Resource Manager berisi informasi createdBy dan modifiedBy.

type
  • string

Jenis sumber daya. Misalnya, "Microsoft.Compute/virtualMachines" atau "Microsoft.Storage/storageAccounts"

Dynamics365DataConnectorDataTypes

Jenis data yang tersedia untuk konektor data Dynamics365.

Name Type Description
dynamics365CdsActivities

Koneksi jenis data Common Data Service.

Exchange

Koneksi jenis data Exchange.

Name Type Description
state

Jelaskan apakah koneksi tipe data ini diaktifkan atau tidak.

GraphQueries

Kueri grafik untuk memperlihatkan status data saat ini

Name Type Description
baseQuery
  • string

Kueri dasar untuk grafik

legend
  • string

Legenda untuk grafik

metricName
  • string

metrik yang diperiksa kueri

Incidents

Jenis data untuk konektor data Platform Perlindungan Ancaman Microsoft.

Name Type Description
state

Jelaskan apakah koneksi tipe data ini diaktifkan atau tidak.

Indicators

Jenis data untuk koneksi indikator.

Name Type Description
state

Jelaskan apakah koneksi tipe data ini diaktifkan atau tidak.

Instructions

Detail langkah instruksi

Name Type Description
parameters
  • object

Parameter untuk pengaturan

type

Jenis pengaturan

InstructionSteps

Langkah-langkah instruksi untuk mengaktifkan konektor

Name Type Description
description
  • string

Deskripsi langkah instruksi

instructions

Detail langkah instruksi

title
  • string

Judul langkah instruksi

IoTDataConnector

Mewakili konektor data IoT.

Name Type Description
etag
  • string

Etag sumber daya azure

id
  • string

ID sumber daya yang sepenuhnya memenuhi syarat untuk sumber daya. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}

kind string:
  • IOT

Jenis konektor data

name
  • string

Nama sumber daya.

properties.dataTypes

Jenis data yang tersedia untuk konektor.

properties.subscriptionId
  • string

Id langganan untuk disambungkan, dan mendapatkan data dari.

systemData

Metadata Azure Resource Manager berisi informasi createdBy dan modifiedBy.

type
  • string

Jenis sumber daya. Misalnya, "Microsoft.Compute/virtualMachines" atau "Microsoft.Storage/storageAccounts"

Logs

Jenis data log.

Name Type Description
state

Jelaskan apakah koneksi tipe data ini diaktifkan atau tidak.

MCASDataConnector

Mewakili konektor data MCAS (Microsoft Cloud App Security).

Name Type Description
etag
  • string

Etag sumber daya azure

id
  • string

ID sumber daya yang sepenuhnya memenuhi syarat untuk sumber daya. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}

kind string:
  • MicrosoftCloudAppSecurity

Jenis konektor data

name
  • string

Nama sumber daya.

properties.dataTypes

Jenis data yang tersedia untuk konektor.

properties.tenantId
  • string

Id penyewa untuk disambungkan, dan mendapatkan data dari.

systemData

Metadata Azure Resource Manager berisi informasi createdBy dan modifiedBy.

type
  • string

Jenis sumber daya. Misalnya, "Microsoft.Compute/virtualMachines" atau "Microsoft.Storage/storageAccounts"

MCASDataConnectorDataTypes

Jenis data yang tersedia untuk konektor data MCAS (Microsoft Cloud App Security).

Name Type Description
alerts

Memperingatkan koneksi jenis data.

discoveryLogs

Koneksi jenis data log penemuan.

MDATPDataConnector

Mewakili konektor data MDATP (Microsoft Defender Advanced Threat Protection).

Name Type Description
etag
  • string

Etag sumber daya azure

id
  • string

ID sumber daya yang sepenuhnya memenuhi syarat untuk sumber daya. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}

kind string:
  • MicrosoftDefenderAdvancedThreatProtection

Jenis konektor data

name
  • string

Nama sumber daya.

properties.dataTypes

Jenis data yang tersedia untuk konektor.

properties.tenantId
  • string

Id penyewa untuk disambungkan, dan mendapatkan data dari.

systemData

Metadata Azure Resource Manager berisi informasi createdBy dan modifiedBy.

type
  • string

Jenis sumber daya. Misalnya, "Microsoft.Compute/virtualMachines" atau "Microsoft.Storage/storageAccounts"

MicrosoftEmergingThreatFeed

Jenis data untuk konektor data Platform Inteligensi Ancaman Microsoft.

Name Type Description
lookbackPeriod
  • string

periode lookback

state

Jelaskan apakah koneksi tipe data ini diaktifkan atau tidak.

MSTIDataConnector

Mewakili konektor data Inteligensi Ancaman Microsoft.

Name Type Description
etag
  • string

Etag sumber daya azure

id
  • string

ID sumber daya yang sepenuhnya memenuhi syarat untuk sumber daya. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}

kind string:
  • MicrosoftThreatIntelligence

Jenis konektor data

name
  • string

Nama sumber daya.

properties.dataTypes

Jenis data yang tersedia untuk konektor.

properties.tenantId
  • string

Id penyewa untuk disambungkan, dan mendapatkan data dari.

systemData

Metadata Azure Resource Manager berisi informasi createdBy dan modifiedBy.

type
  • string

Jenis sumber daya. Misalnya, "Microsoft.Compute/virtualMachines" atau "Microsoft.Storage/storageAccounts"

MSTIDataConnectorDataTypes

Jenis data yang tersedia untuk konektor data Platform Inteligensi Ancaman Microsoft.

Name Type Description
bingSafetyPhishingURL

Jenis data untuk konektor data Platform Inteligensi Ancaman Microsoft.

microsoftEmergingThreatFeed

Jenis data untuk konektor data Platform Inteligensi Ancaman Microsoft.

MTPDataConnector

Mewakili konektor data MTP (Microsoft Threat Protection).

Name Type Description
etag
  • string

Etag sumber daya azure

id
  • string

ID sumber daya yang sepenuhnya memenuhi syarat untuk sumber daya. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}

kind string:
  • MicrosoftThreatProtection

Jenis konektor data

name
  • string

Nama sumber daya.

properties.dataTypes

Jenis data yang tersedia untuk konektor.

properties.tenantId
  • string

Id penyewa untuk disambungkan, dan mendapatkan data dari.

systemData

Metadata Azure Resource Manager berisi informasi createdBy dan modifiedBy.

type
  • string

Jenis sumber daya. Misalnya, "Microsoft.Compute/virtualMachines" atau "Microsoft.Storage/storageAccounts"

MTPDataConnectorDataTypes

Jenis data yang tersedia untuk konektor data Platform Perlindungan Ancaman Microsoft.

Name Type Description
incidents

Jenis data untuk konektor data Platform Perlindungan Ancaman Microsoft.

Office365ProjectConnectorDataTypes

Tipe data yang tersedia untuk konektor data Office Microsoft Project.

Name Type Description
logs

Jenis data log.

Office365ProjectDataConnector

Mewakili konektor data Office Microsoft Project.

Name Type Description
etag
  • string

Etag sumber daya azure

id
  • string

ID sumber daya yang sepenuhnya memenuhi syarat untuk sumber daya. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}

kind string:
  • Office365Project

Jenis konektor data

name
  • string

Nama sumber daya.

properties.dataTypes

Jenis data yang tersedia untuk konektor.

properties.tenantId
  • string

Id penyewa untuk disambungkan, dan mendapatkan data dari.

systemData

Metadata Azure Resource Manager berisi informasi createdBy dan modifiedBy.

type
  • string

Jenis sumber daya. Misalnya, "Microsoft.Compute/virtualMachines" atau "Microsoft.Storage/storageAccounts"

OfficeATPDataConnector

Mewakili konektor data OfficeATP (Office 365 Advanced Threat Protection).

Name Type Description
etag
  • string

Etag sumber daya azure

id
  • string

ID sumber daya yang sepenuhnya memenuhi syarat untuk sumber daya. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}

kind string:
  • OfficeATP

Jenis konektor data

name
  • string

Nama sumber daya.

properties.dataTypes

Jenis data yang tersedia untuk konektor.

properties.tenantId
  • string

Id penyewa untuk disambungkan, dan mendapatkan data dari.

systemData

Metadata Azure Resource Manager berisi informasi createdBy dan modifiedBy.

type
  • string

Jenis sumber daya. Misalnya, "Microsoft.Compute/virtualMachines" atau "Microsoft.Storage/storageAccounts"

OfficeDataConnector

Mewakili konektor data office.

Name Type Description
etag
  • string

Etag sumber daya azure

id
  • string

ID sumber daya yang sepenuhnya memenuhi syarat untuk sumber daya. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}

kind string:
  • Office365

Jenis konektor data

name
  • string

Nama sumber daya.

properties.dataTypes

Jenis data yang tersedia untuk konektor.

properties.tenantId
  • string

Id penyewa untuk disambungkan, dan mendapatkan data dari.

systemData

Metadata Azure Resource Manager berisi informasi createdBy dan modifiedBy.

type
  • string

Jenis sumber daya. Misalnya, "Microsoft.Compute/virtualMachines" atau "Microsoft.Storage/storageAccounts"

OfficeDataConnectorDataTypes

Jenis data yang tersedia untuk konektor data office.

Name Type Description
exchange

Koneksi jenis data Exchange.

sharePoint

Koneksi jenis data SharePoint.

teams

Koneksi jenis data Teams.

OfficeIRMDataConnector

Mewakili konektor data OfficeIRM (Microsoft Insider Risk Management).

Name Type Description
etag
  • string

Etag sumber daya azure

id
  • string

ID sumber daya yang sepenuhnya memenuhi syarat untuk sumber daya. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}

kind string:
  • OfficeIRM

Jenis konektor data

name
  • string

Nama sumber daya.

properties.dataTypes

Jenis data yang tersedia untuk konektor.

properties.tenantId
  • string

Id penyewa untuk disambungkan, dan mendapatkan data dari.

systemData

Metadata Azure Resource Manager berisi informasi createdBy dan modifiedBy.

type
  • string

Jenis sumber daya. Misalnya, "Microsoft.Compute/virtualMachines" atau "Microsoft.Storage/storageAccounts"

OfficePowerBIConnectorDataTypes

Tipe data yang tersedia untuk konektor data Office Microsoft PowerBI.

Name Type Description
logs

Jenis data log.

OfficePowerBIDataConnector

Mewakili konektor data Office Microsoft PowerBI.

Name Type Description
etag
  • string

Etag sumber daya azure

id
  • string

ID sumber daya yang sepenuhnya memenuhi syarat untuk sumber daya. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}

kind string:
  • OfficePowerBI

Jenis konektor data

name
  • string

Nama sumber daya.

properties.dataTypes

Jenis data yang tersedia untuk konektor.

properties.tenantId
  • string

Id penyewa untuk disambungkan, dan mendapatkan data dari.

systemData

Metadata Azure Resource Manager berisi informasi createdBy dan modifiedBy.

type
  • string

Jenis sumber daya. Misalnya, "Microsoft.Compute/virtualMachines" atau "Microsoft.Storage/storageAccounts"

PermissionProviderScope

Cakupan penyedia izin

Name Type Description
ResourceGroup
  • string
Subscription
  • string
Workspace
  • string

Permissions

Izin yang diperlukan untuk konektor

Name Type Description
customs

Izin kustom yang diperlukan untuk konektor

resourceProvider

Izin penyedia sumber daya diperlukan untuk konektor

PollingFrequency

Frekuensi polling untuk server TAXII.

Name Type Description
OnceADay
  • string

Sekali sehari

OnceAMinute
  • string

Sekali semenit

OnceAnHour
  • string

Satu jam sekali

ProviderName

Nama Penyedia

Name Type Description
Microsoft.Authorization/policyAssignments
  • string
Microsoft.OperationalInsights/solutions
  • string
Microsoft.OperationalInsights/workspaces
  • string
Microsoft.OperationalInsights/workspaces/datasources
  • string
Microsoft.OperationalInsights/workspaces/sharedKeys
  • string
microsoft.aadiam/diagnosticSettings
  • string

RequiredPermissions

Izin yang diperlukan untuk konektor

Name Type Description
action
  • boolean

izin tindakan

delete
  • boolean

izin hapus

read
  • boolean

izin baca

write
  • boolean

izin tulis

ResourceProvider

Izin penyedia sumber daya diperlukan untuk konektor

Name Type Description
permissionsDisplayText
  • string

Teks deskripsi izin

provider

Nama Penyedia

providerDisplayName
  • string

Nama tampilan penyedia izin

requiredPermissions

Izin yang diperlukan untuk konektor

scope

Cakupan penyedia izin

SampleQueries

Contoh kueri untuk konektor

Name Type Description
description
  • string

Contoh deskripsi kueri

query
  • string

kueri sampel

SettingType

Jenis pengaturan

Name Type Description
CopyableLabel
  • string
InfoMessage
  • string
InstructionStepsGroup
  • string

SharePoint

Koneksi jenis data SharePoint.

Name Type Description
state

Jelaskan apakah koneksi tipe data ini diaktifkan atau tidak.

systemData

Metadata yang berkaitan dengan pembuatan dan modifikasi terakhir sumber daya.

Name Type Description
createdAt
  • string

Tanda waktu pembuatan sumber daya (UTC).

createdBy
  • string

Identitas yang membuat sumber daya.

createdByType

Jenis identitas yang membuat sumber daya.

lastModifiedAt
  • string

Tanda waktu modifikasi terakhir sumber daya (UTC)

lastModifiedBy
  • string

Identitas yang terakhir memodifikasi sumber daya.

lastModifiedByType

Jenis identitas yang terakhir mengubah sumber daya.

TaxiiClient

Jenis data untuk konektor TAXII.

Name Type Description
state

Jelaskan apakah koneksi tipe data ini diaktifkan atau tidak.

Teams

Koneksi jenis data Teams.

Name Type Description
state

Jelaskan apakah koneksi tipe data ini diaktifkan atau tidak.

TIDataConnector

Mewakili konektor data inteligensi ancaman.

Name Type Description
etag
  • string

Etag sumber daya azure

id
  • string

ID sumber daya yang sepenuhnya memenuhi syarat untuk sumber daya. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}

kind string:
  • ThreatIntelligence

Jenis konektor data

name
  • string

Nama sumber daya.

properties.dataTypes

Jenis data yang tersedia untuk konektor.

properties.tenantId
  • string

Id penyewa untuk disambungkan, dan mendapatkan data dari.

properties.tipLookbackPeriod
  • string

Periode lookback untuk umpan yang akan diimpor.

systemData

Metadata Azure Resource Manager berisi informasi createdBy dan modifiedBy.

type
  • string

Jenis sumber daya. Misalnya, "Microsoft.Compute/virtualMachines" atau "Microsoft.Storage/storageAccounts"

TIDataConnectorDataTypes

Jenis data yang tersedia untuk konektor data TI (Inteligensi Ancaman).

Name Type Description
indicators

Jenis data untuk koneksi indikator.

TiTaxiiDataConnector

Konektor data untuk menarik data Inteligensi ancaman dari server TAXII 2.0/2.1

Name Type Description
etag
  • string

Etag sumber daya azure

id
  • string

ID sumber daya yang sepenuhnya memenuhi syarat untuk sumber daya. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}

kind string:
  • ThreatIntelligenceTaxii

Jenis konektor data

name
  • string

Nama sumber daya.

properties.collectionId
  • string

Id koleksi server TAXII.

properties.dataTypes

Jenis data yang tersedia untuk konektor data TAXII Inteligensi Ancaman.

properties.friendlyName
  • string

Nama yang mudah diingat untuk server TAXII.

properties.password
  • string

Kata sandi untuk server TAXII.

properties.pollingFrequency

Frekuensi polling untuk server TAXII.

properties.taxiiLookbackPeriod
  • string

Periode lookback untuk server TAXII.

properties.taxiiServer
  • string

Akar API untuk server TAXII.

properties.tenantId
  • string

Id penyewa untuk disambungkan, dan mendapatkan data dari.

properties.userName
  • string

UserName untuk server TAXII.

properties.workspaceId
  • string

Id ruang kerja.

systemData

Metadata Azure Resource Manager berisi informasi createdBy dan modifiedBy.

type
  • string

Jenis sumber daya. Misalnya, "Microsoft.Compute/virtualMachines" atau "Microsoft.Storage/storageAccounts"

TiTaxiiDataConnectorDataTypes

Jenis data yang tersedia untuk konektor data TAXII Inteligensi Ancaman.

Name Type Description
taxiiClient

Jenis data untuk konektor TAXII.