Az.SecurityInsights Module

Microsoft Azure PowerShell: SecurityInsights cmdlets

Security Insights

Cmdlet	Description
Get-AzSentinelAlertRule	Gets the alert rule.
Get-AzSentinelAlertRuleAction	Gets the action of alert rule.
Get-AzSentinelAlertRuleTemplate	Gets the alert rule template.
Get-AzSentinelAutomationRule	Gets the automation rule.
Get-AzSentinelBookmark	Gets a bookmark.
Get-AzSentinelBookmarkRelation	Gets a bookmark relation.
Get-AzSentinelDataConnector	Gets a data connector.
Get-AzSentinelEnrichment	Get geodata for a single IP address
Get-AzSentinelEntity	Gets an entity.
Get-AzSentinelEntityActivity	Get Insights and Activities for an entity.
Get-AzSentinelEntityInsight	Execute Insights for an entity.
Get-AzSentinelEntityQuery	Gets an entity query.
Get-AzSentinelEntityQueryTemplate	Gets an entity query.
Get-AzSentinelEntityRelation	Gets an entity relation.
Get-AzSentinelEntityTimeline	Timeline for an entity.
Get-AzSentinelIncident	Gets an incident.
Get-AzSentinelIncidentAlert	Gets all incident alerts.
Get-AzSentinelIncidentBookmark	Gets all incident bookmarks.
Get-AzSentinelIncidentComment	Gets an incident comment.
Get-AzSentinelIncidentEntity	Gets all incident related entities.
Get-AzSentinelIncidentRelation	Gets an incident relation.
Get-AzSentinelMetadata	Get a Metadata.
Get-AzSentinelOnboardingState	Get Sentinel onboarding state
Get-AzSentinelSetting	Gets a setting.
Get-AzSentinelThreatIntelligenceIndicator	View a threat intelligence indicator by name.
Get-AzSentinelThreatIntelligenceIndicatorMetric	Get threat intelligence indicators metrics (Indicators counts by Type, Threat Type, Source).
Invoke-AzSentinelThreatIntelligenceIndicatorQuery	Query threat intelligence indicators as per filtering criteria.
New-AzSentinelAlertRule	Creates the alert rule.
New-AzSentinelAlertRuleAction	Creates or updates the action of alert rule.
New-AzSentinelAutomationRule	Creates or updates the automation rule.
New-AzSentinelBookmark	Creates or updates the bookmark.
New-AzSentinelBookmarkRelation	Creates the bookmark relation.
New-AzSentinelDataConnector	Creates or updates the data connector.
New-AzSentinelEntityQuery	Creates or updates the entity query.
New-AzSentinelIncident	Creates or updates the incident.
New-AzSentinelIncidentComment	Creates or updates the incident comment.
New-AzSentinelIncidentRelation	Creates or updates the incident relation.
New-AzSentinelIncidentTeam	Creates a Microsoft team to investigate the incident by sharing information and insights between participants.
New-AzSentinelOnboardingState	Create Sentinel onboarding state
Remove-AzSentinelAlertRule	Delete the alert rule.
Remove-AzSentinelAlertRuleAction	Delete the action of alert rule.
Remove-AzSentinelAutomationRule	Delete the automation rule.
Remove-AzSentinelBookmark	Delete the bookmark.
Remove-AzSentinelBookmarkRelation	Delete the bookmark relation.
Remove-AzSentinelDataConnector	Delete the data connector.
Remove-AzSentinelEntityQuery	Delete the entity query.
Remove-AzSentinelIncident	Delete the incident.
Remove-AzSentinelIncidentComment	Delete the incident comment.
Remove-AzSentinelIncidentRelation	Delete the incident relation.
Remove-AzSentinelOnboardingState	Delete Sentinel onboarding state
Test-AzSentinelDataConnectorCheckRequirement	Get requirements state for a data connector type.
Update-AzSentinelAlertRule	Updates the alert rule.
Update-AzSentinelAlertRuleAction	Creates or updates the action of alert rule.
Update-AzSentinelAutomationRule	Creates or updates the automation rule.
Update-AzSentinelBookmark	Creates or updates the bookmark.
Update-AzSentinelBookmarkRelation	Creates the bookmark relation.
Update-AzSentinelDataConnector	Updates the data connector.
Update-AzSentinelEntityQuery	Updates the entity query.
Update-AzSentinelIncident	Creates or updates the incident.
Update-AzSentinelIncidentComment	Creates or updates the incident comment.
Update-AzSentinelIncidentRelation	Creates or updates the incident relation.
Update-AzSentinelSetting	Updates setting.