你当前正在访问 Microsoft Azure Global Edition 技术文档网站。 如果需要访问由世纪互联运营的 Microsoft Azure 中国技术文档网站,请访问 https://docs.azure.cn。
New-AzSentinelDataConnector
语法
New-AzSentinelDataConnector
-ResourceGroupName <String>
-WorkspaceName <String>
-Kind <DataConnectorKind>
[-Id <String>]
[-SubscriptionId <String>]
[-Alerts <String>]
[-TenantId <String>]
[-DefaultProfile <PSObject>]
[-AsJob]
[-NoWait]
[-Confirm]
[-WhatIf]
[<CommonParameters>]
New-AzSentinelDataConnector
-ResourceGroupName <String>
-WorkspaceName <String>
-AWSRoleArn <String>
-Kind <DataConnectorKind>
[-Id <String>]
[-SubscriptionId <String>]
[-Log <String>]
[-DefaultProfile <PSObject>]
[-AsJob]
[-NoWait]
[-Confirm]
[-WhatIf]
[<CommonParameters>]
New-AzSentinelDataConnector
-ResourceGroupName <String>
-WorkspaceName <String>
-AWSRoleArn <String>
-DetinationTable <String>
-Kind <DataConnectorKind>
-Log <String>
-SQSURL <String[]>
[-Id <String>]
[-SubscriptionId <String>]
[-DefaultProfile <PSObject>]
[-AsJob]
[-NoWait]
[-Confirm]
[-WhatIf]
[<CommonParameters>]
New-AzSentinelDataConnector
-ResourceGroupName <String>
-WorkspaceName <String>
-ASCSubscriptionId <String>
-Kind <DataConnectorKind>
[-Id <String>]
[-SubscriptionId <String>]
[-Alerts <String>]
[-DefaultProfile <PSObject>]
[-AsJob]
[-NoWait]
[-Confirm]
[-WhatIf]
[<CommonParameters>]
New-AzSentinelDataConnector
-ResourceGroupName <String>
-WorkspaceName <String>
-Kind <DataConnectorKind>
[-Id <String>]
[-SubscriptionId <String>]
[-CommonDataServiceActivity <String>]
[-TenantId <String>]
[-DefaultProfile <PSObject>]
[-AsJob]
[-NoWait]
[-Confirm]
[-WhatIf]
[<CommonParameters>]
New-AzSentinelDataConnector
-ResourceGroupName <String>
-WorkspaceName <String>
-AvailabilityIsPreview <Boolean>
-Kind <DataConnectorKind>
-UiConfigConnectivityCriterion <ConnectivityCriteria[]>
-UiConfigDataType <LastDataReceivedDataType[]>
-UiConfigDescriptionMarkdown <String>
-UiConfigGraphQueriesTableName <String>
-UiConfigGraphQuery <GraphQueries[]>
-UiConfigInstructionStep <InstructionSteps[]>
-UiConfigPublisher <String>
-UiConfigSampleQuery <SampleQueries[]>
-UiConfigTitle <String>
[-Id <String>]
[-SubscriptionId <String>]
[-AvailabilityStatus <Int32>]
[-PermissionCustom <PermissionsCustomsItem[]>]
[-PermissionResourceProvider <PermissionsResourceProviderItem[]>]
[-UiConfigCustomImage <String>]
[-DefaultProfile <PSObject>]
[-AsJob]
[-NoWait]
[-Confirm]
[-WhatIf]
[<CommonParameters>]
New-AzSentinelDataConnector
-ResourceGroupName <String>
-WorkspaceName <String>
-Kind <DataConnectorKind>
[-Id <String>]
[-SubscriptionId <String>]
[-Alerts <String>]
[-DiscoveryLog <String>]
[-TenantId <String>]
[-DefaultProfile <PSObject>]
[-AsJob]
[-NoWait]
[-Confirm]
[-WhatIf]
[<CommonParameters>]
New-AzSentinelDataConnector
-ResourceGroupName <String>
-WorkspaceName <String>
-Kind <DataConnectorKind>
[-Id <String>]
[-SubscriptionId <String>]
[-Alerts <String>]
[-TenantId <String>]
[-DefaultProfile <PSObject>]
[-AsJob]
[-NoWait]
[-Confirm]
[-WhatIf]
[<CommonParameters>]
New-AzSentinelDataConnector
-ResourceGroupName <String>
-WorkspaceName <String>
-Kind <DataConnectorKind>
[-Id <String>]
[-SubscriptionId <String>]
[-BingSafetyPhishingURL <String>]
[-BingSafetyPhishingUrlLookbackPeriod <String>]
[-MicrosoftEmergingThreatFeed <String>]
[-MicrosoftEmergingThreatFeedLookbackPeriod <String>]
[-TenantId <String>]
[-DefaultProfile <PSObject>]
[-AsJob]
[-NoWait]
[-Confirm]
[-WhatIf]
[<CommonParameters>]
New-AzSentinelDataConnector
-ResourceGroupName <String>
-WorkspaceName <String>
-Kind <DataConnectorKind>
[-Id <String>]
[-SubscriptionId <String>]
[-Incident <String>]
[-TenantId <String>]
[-DefaultProfile <PSObject>]
[-AsJob]
[-NoWait]
[-Confirm]
[-WhatIf]
[<CommonParameters>]
New-AzSentinelDataConnector
-ResourceGroupName <String>
-WorkspaceName <String>
-Kind <DataConnectorKind>
[-Id <String>]
[-SubscriptionId <String>]
[-Exchange <String>]
[-SharePoint <String>]
[-Teams <String>]
[-TenantId <String>]
[-DefaultProfile <PSObject>]
[-AsJob]
[-NoWait]
[-Confirm]
[-WhatIf]
[<CommonParameters>]
New-AzSentinelDataConnector
-ResourceGroupName <String>
-WorkspaceName <String>
-Kind <DataConnectorKind>
[-Id <String>]
[-SubscriptionId <String>]
[-Alerts <String>]
[-TenantId <String>]
[-DefaultProfile <PSObject>]
[-AsJob]
[-NoWait]
[-Confirm]
[-WhatIf]
[<CommonParameters>]
New-AzSentinelDataConnector
-ResourceGroupName <String>
-WorkspaceName <String>
-Kind <DataConnectorKind>
[-Id <String>]
[-SubscriptionId <String>]
[-Alerts <String>]
[-TenantId <String>]
[-DefaultProfile <PSObject>]
[-AsJob]
[-NoWait]
[-Confirm]
[-WhatIf]
[<CommonParameters>]
New-AzSentinelDataConnector
-ResourceGroupName <String>
-WorkspaceName <String>
-Kind <DataConnectorKind>
[-Id <String>]
[-SubscriptionId <String>]
[-Indicator <String>]
[-TenantId <String>]
[-DefaultProfile <PSObject>]
[-AsJob]
[-NoWait]
[-Confirm]
[-WhatIf]
[<CommonParameters>]
New-AzSentinelDataConnector
-ResourceGroupName <String>
-WorkspaceName <String>
-APIRootURL <String>
-CollectionId <String>
-FriendlyName <String>
-Kind <DataConnectorKind>
-PollingFrequency <PollingFrequency>
-WorkspaceId <String>
[-Id <String>]
[-SubscriptionId <String>]
[-Password <String>]
[-TaxiiLookbackPeriod <String>]
[-TenantId <String>]
[-UserName <String>]
[-DefaultProfile <PSObject>]
[-AsJob]
[-NoWait]
[-Confirm]
[-WhatIf]
[<CommonParameters>]
说明
创建或更新数据连接器。
示例
示例 1:启用数据连接器。
New-AzSentinelDataConnector -ResourceGroupName "myResourceGroupName" -WorkspaceName "myWorkspaceName" -Kind 'MicrosoftThreatIntelligence' -BingSafetyPhishingURL Enabled -BingSafetyPhishingUrlLookbackPeriod All -MicrosoftEmergingThreatFeed Enabled -MicrosoftEmergingThreatFeedLookbackPeriod All
此命令启用威胁情报数据连接器
参数
-Alerts
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-APIRootURL
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-ASCSubscriptionId
ASC 订阅 ID。
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-AsJob
以作业身份运行命令
| Type: | SwitchParameter |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-AvailabilityIsPreview
[Parameter(ParameterSetName = 'APIPolling', Mandatory)]
| Type: | Boolean |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-AvailabilityStatus
[Parameter(ParameterSetName = 'APIPolling')]
| Type: | Int32 |
| Position: | Named |
| Default value: | 1 |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-AWSRoleArn
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-BingSafetyPhishingURL
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-BingSafetyPhishingUrlLookbackPeriod
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-CollectionId
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-CommonDataServiceActivity
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Confirm
提示你在运行 cmdlet 之前进行确认。
| Type: | SwitchParameter |
| Aliases: | cf |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-DefaultProfile
用于与 Azure 通信的凭据、帐户、租户和订阅。
| Type: | PSObject |
| Aliases: | AzureRMContext, AzureCredential |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-DetinationTable
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-DiscoveryLog
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Exchange
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-FriendlyName
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Id
数据连接or 的 ID。
| Type: | String |
| Position: | Named |
| Default value: | (New-Guid).Guid |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Incident
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Indicator
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Kind
数据连接的类型
| Type: | DataConnectorKind |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Log
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-MicrosoftEmergingThreatFeed
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-MicrosoftEmergingThreatFeedLookbackPeriod
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-NoWait
异步运行命令
| Type: | SwitchParameter |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Password
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-PermissionCustom
[Parameter(ParameterSetName = 'APIPolling')]若要构造,请参阅 PERMISSIONCUSTOM 属性的 NOTES 部分并创建哈希表。
| Type: | PermissionsCustomsItem[] |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-PermissionResourceProvider
[Parameter(ParameterSetName = 'APIPolling')]若要构造,请参阅 PERMISSIONRESOURCEPROVIDER 属性的 NOTES 部分并创建哈希表。
-PollingFrequency
| Type: | PollingFrequency |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-ResourceGroupName
资源组名称。
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-SharePoint
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-SQSURL
| Type: | String[] |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-SubscriptionId
获取唯一标识 Microsoft Azure 订阅的订阅凭据。
此订阅 ID 是每个服务调用的 URI 的一部分。
| Type: | String |
| Position: | Named |
| Default value: | (Get-AzContext).Subscription.Id |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-TaxiiLookbackPeriod
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Teams
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-TenantId
TenantId。
| Type: | String |
| Position: | Named |
| Default value: | (Get-AzContext).Tenant.Id |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-UiConfigConnectivityCriterion
[Parameter(ParameterSetName = 'APIPolling', Mandatory)]若要构造,请参阅 UICONFIGCONNECTIVITYCRITERION 属性的 NOTES 部分,并创建哈希表。
| Type: | ConnectivityCriteria[] |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-UiConfigCustomImage
[Parameter(ParameterSetName = 'APIPolling')]
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-UiConfigDataType
[Parameter(ParameterSetName = 'APIPolling', Mandatory)]若要构造,请参阅 UICONFIGDATATYPE 属性的 NOTES 部分并创建哈希表。
| Type: | LastDataReceivedDataType[] |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-UiConfigDescriptionMarkdown
[Parameter(ParameterSetName = 'APIPolling', Mandatory)]
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-UiConfigGraphQueriesTableName
[Parameter(ParameterSetName = 'APIPolling', Mandatory)]
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-UiConfigGraphQuery
[Parameter(ParameterSetName = 'APIPolling', Mandatory)]若要构造,请参阅 UICONFIGGRAPHQUERY 属性的 NOTES 部分,并创建哈希表。
| Type: | GraphQueries[] |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-UiConfigInstructionStep
[Parameter(ParameterSetName = 'APIPolling', Mandatory)]若要构造,请参阅 UICONFIGINSTRUCTIONSTEP 属性的 NOTES 部分并创建哈希表。
| Type: | InstructionSteps[] |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-UiConfigPublisher
[Parameter(ParameterSetName = 'APIPolling', Mandatory)]
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-UiConfigSampleQuery
[Parameter(ParameterSetName = 'APIPolling', Mandatory)]若要构造,请参阅 UICONFIGSAMPLEQUERY 属性的 NOTES 部分并创建哈希表。
| Type: | SampleQueries[] |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-UiConfigTitle
[Parameter(ParameterSetName = 'APIPolling', Mandatory)]
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-UserName
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-WhatIf
显示运行该 cmdlet 时会发生什么情况。
cmdlet 未运行。
| Type: | SwitchParameter |
| Aliases: | wi |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-WorkspaceId
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-WorkspaceName
工作区的名称。
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
输出
DataConnector
备注
别名
复杂参数属性
若要创建下面所述的参数,请构造一个包含相应属性的哈希表。 有关哈希表的信息,请运行 Get-Help about_Hash_Tables。
PERMISSIONCUSTOM <PermissionsCustomsItem[]>:[Parameter(ParameterSetName = 'APIPolling')]
[Description <String>]:海关权限说明[Name <String>]:海关权限名称
PERMISSIONRESOURCEPROVIDER <PermissionsResourceProviderItem[]>:[Parameter(ParameterSetName = 'APIPolling')]
[PermissionsDisplayText <String>]:权限说明文本[Provider <ProviderName?>]:提供程序名称[ProviderDisplayName <String>]:权限提供程序显示名称[RequiredPermissionAction <Boolean?>]:操作权限[RequiredPermissionDelete <Boolean?>]:删除权限[RequiredPermissionRead <Boolean?>]:读取权限[RequiredPermissionWrite <Boolean?>]:写入权限[Scope <PermissionProviderScope?>]:权限提供程序范围
UICONFIGCONNECTIVITYCRITERION <ConnectivityCriteria[]>:[Parameter(ParameterSetName = 'APIPolling', Mandatory)]
[Type <ConnectivityType?>]:连接类型[Value <String[]>]:用于检查连接的查询
UICONFIGDATATYPE <LastDataReceivedDataType[]>:[Parameter(ParameterSetName = 'APIPolling', Mandatory)]
[LastDataReceivedQuery <String>]:查询指示收到的最后一个数据[Name <String>]:要显示在图形中的数据类型的名称。 可与 {{graphQueriesTableName}} 占位符一起使用
UICONFIGGRAPHQUERY <GraphQueries[]>:[Parameter(ParameterSetName = 'APIPolling', Mandatory)]
[BaseQuery <String>]:图形的基本查询[Legend <String>]:图形的图例[MetricName <String>]:查询检查的指标
UICONFIGINSTRUCTIONSTEP <InstructionSteps[]>:[Parameter(ParameterSetName = 'APIPolling', Mandatory)]
[Description <String>]:说明步骤说明[Instruction <IConnectorInstructionModelBase[]>]:说明步骤详细信息
Type <SettingType>:设置的类型[Parameter <IAny>]:设置的参数
[Title <String>]:说明步骤标题
UICONFIGSAMPLEQUERY <SampleQueries[]>:[Parameter(ParameterSetName = 'APIPolling', Mandatory)]
[Description <String>]:示例查询说明[Query <String>]:示例查询
