Orca Security Alerts connector for Microsoft Sentinel
The Orca Security Alerts connector allows you to easily export Alerts logs to Microsoft Sentinel.
This is autogenerated content. For changes, contact the solution provider.
Connector attributes
Connector attribute | Description |
---|---|
Log Analytics table(s) | OrcaAlerts_CL |
Data collection rules support | Not currently supported |
Supported by | Orca Security |
Query samples
Fetch all service vulnerabilities on running assets
OrcaAlerts_CL
| where alert_type_s == "service_vulnerability"
| where asset_state_s == "running"
| sort by TimeGenerated
Fetch all alerts with "remote_code_execution" label
OrcaAlerts_CL
| where split(alert_labels_s, ",") contains("remote_code_execution")
| sort by TimeGenerated
Vendor installation instructions
Follow guidance for integrating Orca Security Alerts logs with Microsoft Sentinel.
Next steps
For more information, go to the related solution in the Azure Marketplace.