Dynatrace Runtime Vulnerabilities connector for Microsoft Sentinel
This connector uses the Dynatrace Security Problem REST API to ingest detected runtime vulnerabilities into Microsoft Sentinel Log Analytics.
This is autogenerated content. For changes, contact the solution provider.
Connector attributes
Connector attribute | Description |
---|---|
Log Analytics table(s) | {{graphQueriesTableName}} |
Data collection rules support | Not currently supported |
Supported by | Dynatrace |
Query samples
All Vulnerability Events
DynatraceSecurityProblems
| summarize arg_max(LastUpdatedTimeStamp, *) by SecurityProblemId
| take 10
All Third-Party Vulnerability Events
DynatraceSecurityProblems
| where VulnerabilityType == "THIRD_PARTY"
| summarize arg_max(LastUpdatedTimeStamp, *) by SecurityProblemId
| take 10
All Code-level Vulnerability Events
DynatraceSecurityProblems
| where VulnerabilityType == "CODE_LEVEL"
| summarize arg_max(LastUpdatedTimeStamp, *) by SecurityProblemId
| take 10
All Runtime Vulnerability Events
DynatraceSecurityProblems
| where VulnerabilityType == "RUNTIME"
| summarize arg_max(LastUpdatedTimeStamp, *) by SecurityProblemId
| take 10
Critical Vulnerability Events
DynatraceSecurityProblems
| where DAVISRiskLevel == "CRITICAL"
| summarize arg_max(LastUpdatedTimeStamp, *) by SecurityProblemId
| take 10
High Vulnerability Events
DynatraceSecurityProblems
| where DAVISRiskLevel == "HIGH"
| summarize arg_max(LastUpdatedTimeStamp, *) by SecurityProblemId
| take 10
Count Vulnerability Events by Technology and Vulnerability
DynatraceSecurityProblems
| summarize arg_max(LastUpdatedTimeStamp, *) by SecurityProblemId
| summarize count() by Technology, ExternalVulnerabilityId
| take 10
Prerequisites
To integrate with Dynatrace Runtime Vulnerabilities make sure you have:
- Dynatrace tenant (ex. xyz.dynatrace.com): You need a valid Dynatrace tenant with Application Security enabled, learn more about the Dynatrace platform.
- Dynatrace Access Token: You need a Dynatrace Access Token, the token should have Read security problems (securityProblems.read) scope.
Vendor installation instructions
Dynatrace Vulnerabilities Events to Microsoft Sentinel
Configure and Enable Dynatrace Application Security. Follow these instructions to generate an access token.
Next steps
For more information, go to the related solution in the Azure Marketplace.
Phản hồi
https://aka.ms/ContentUserFeedback.
Sắp ra mắt: Trong năm 2024, chúng tôi sẽ dần gỡ bỏ Sự cố với GitHub dưới dạng cơ chế phản hồi cho nội dung và thay thế bằng hệ thống phản hồi mới. Để biết thêm thông tin, hãy xem:Gửi và xem ý kiến phản hồi dành cho