你当前正在访问 Microsoft Azure Global Edition 技术文档网站。 如果需要访问由世纪互联运营的 Microsoft Azure 中国技术文档网站,请访问 https://docs.azure.cn。
New-AzSentinelDataConnector
语法
New-AzSentinelDataConnector
-ResourceGroupName <String>
-WorkspaceName <String>
[-SubscriptionId <String>]
[-Id <String>]
-Kind <DataConnectorKind>
[-TenantId <String>]
[-Alerts <String>]
[-DefaultProfile <PSObject>]
[-AsJob]
[-NoWait]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
New-AzSentinelDataConnector
-ResourceGroupName <String>
-WorkspaceName <String>
[-SubscriptionId <String>]
[-Id <String>]
-Kind <DataConnectorKind>
[-TenantId <String>]
[-CommonDataServiceActivity <String>]
[-DefaultProfile <PSObject>]
[-AsJob]
[-NoWait]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
New-AzSentinelDataConnector
-ResourceGroupName <String>
-WorkspaceName <String>
[-SubscriptionId <String>]
[-Id <String>]
-Kind <DataConnectorKind>
[-TenantId <String>]
[-Alerts <String>]
[-DiscoveryLog <String>]
[-DefaultProfile <PSObject>]
[-AsJob]
[-NoWait]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
New-AzSentinelDataConnector
-ResourceGroupName <String>
-WorkspaceName <String>
[-SubscriptionId <String>]
[-Id <String>]
-Kind <DataConnectorKind>
[-TenantId <String>]
[-Alerts <String>]
[-DefaultProfile <PSObject>]
[-AsJob]
[-NoWait]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
New-AzSentinelDataConnector
-ResourceGroupName <String>
-WorkspaceName <String>
[-SubscriptionId <String>]
[-Id <String>]
-Kind <DataConnectorKind>
[-TenantId <String>]
[-BingSafetyPhishingURL <String>]
[-BingSafetyPhishingUrlLookbackPeriod <String>]
[-MicrosoftEmergingThreatFeed <String>]
[-MicrosoftEmergingThreatFeedLookbackPeriod <String>]
[-DefaultProfile <PSObject>]
[-AsJob]
[-NoWait]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
New-AzSentinelDataConnector
-ResourceGroupName <String>
-WorkspaceName <String>
[-SubscriptionId <String>]
[-Id <String>]
-Kind <DataConnectorKind>
[-TenantId <String>]
[-Incident <String>]
[-DefaultProfile <PSObject>]
[-AsJob]
[-NoWait]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
New-AzSentinelDataConnector
-ResourceGroupName <String>
-WorkspaceName <String>
[-SubscriptionId <String>]
[-Id <String>]
-Kind <DataConnectorKind>
[-TenantId <String>]
[-Exchange <String>]
[-SharePoint <String>]
[-Teams <String>]
[-DefaultProfile <PSObject>]
[-AsJob]
[-NoWait]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
New-AzSentinelDataConnector
-ResourceGroupName <String>
-WorkspaceName <String>
[-SubscriptionId <String>]
[-Id <String>]
-Kind <DataConnectorKind>
[-TenantId <String>]
[-Alerts <String>]
[-DefaultProfile <PSObject>]
[-AsJob]
[-NoWait]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
New-AzSentinelDataConnector
-ResourceGroupName <String>
-WorkspaceName <String>
[-SubscriptionId <String>]
[-Id <String>]
-Kind <DataConnectorKind>
[-TenantId <String>]
[-Alerts <String>]
[-DefaultProfile <PSObject>]
[-AsJob]
[-NoWait]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
New-AzSentinelDataConnector
-ResourceGroupName <String>
-WorkspaceName <String>
[-SubscriptionId <String>]
[-Id <String>]
-Kind <DataConnectorKind>
[-TenantId <String>]
[-Indicator <String>]
[-DefaultProfile <PSObject>]
[-AsJob]
[-NoWait]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
New-AzSentinelDataConnector
-ResourceGroupName <String>
-WorkspaceName <String>
[-SubscriptionId <String>]
[-Id <String>]
-Kind <DataConnectorKind>
[-TenantId <String>]
-WorkspaceId <String>
-FriendlyName <String>
-APIRootURL <String>
-CollectionId <String>
-PollingFrequency <PollingFrequency>
[-UserName <String>]
[-Password <String>]
[-TaxiiLookbackPeriod <String>]
[-DefaultProfile <PSObject>]
[-AsJob]
[-NoWait]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
New-AzSentinelDataConnector
-ResourceGroupName <String>
-WorkspaceName <String>
[-SubscriptionId <String>]
[-Id <String>]
-Kind <DataConnectorKind>
[-Alerts <String>]
-ASCSubscriptionId <String>
[-DefaultProfile <PSObject>]
[-AsJob]
[-NoWait]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
New-AzSentinelDataConnector
-ResourceGroupName <String>
-WorkspaceName <String>
[-SubscriptionId <String>]
[-Id <String>]
-Kind <DataConnectorKind>
-AWSRoleArn <String>
[-Log <String>]
[-DefaultProfile <PSObject>]
[-AsJob]
[-NoWait]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
New-AzSentinelDataConnector
-ResourceGroupName <String>
-WorkspaceName <String>
[-SubscriptionId <String>]
[-Id <String>]
-Kind <DataConnectorKind>
-AWSRoleArn <String>
-Log <String>
-SQSURL <String[]>
-DetinationTable <String>
[-DefaultProfile <PSObject>]
[-AsJob]
[-NoWait]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
New-AzSentinelDataConnector
-ResourceGroupName <String>
-WorkspaceName <String>
[-SubscriptionId <String>]
[-Id <String>]
-Kind <DataConnectorKind>
-UiConfigTitle <String>
-UiConfigPublisher <String>
-UiConfigDescriptionMarkdown <String>
-UiConfigGraphQueriesTableName <String>
-UiConfigGraphQuery <GraphQueries[]>
-UiConfigSampleQuery <SampleQueries[]>
-UiConfigDataType <LastDataReceivedDataType[]>
-UiConfigConnectivityCriterion <ConnectivityCriteria[]>
-AvailabilityIsPreview <Boolean>
-UiConfigInstructionStep <InstructionSteps[]>
[-UiConfigCustomImage <String>]
[-AvailabilityStatus <Int32>]
[-PermissionResourceProvider <PermissionsResourceProviderItem[]>]
[-PermissionCustom <PermissionsCustomsItem[]>]
[-DefaultProfile <PSObject>]
[-AsJob]
[-NoWait]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
说明
创建或更新数据连接器。
示例
示例 1:启用数据连接器。
New-AzSentinelDataConnector -ResourceGroupName "myResourceGroupName" -WorkspaceName "myWorkspaceName" -Kind 'MicrosoftThreatIntelligence' -BingSafetyPhishingURL Enabled -BingSafetyPhishingUrlLookbackPeriod All -MicrosoftEmergingThreatFeed Enabled -MicrosoftEmergingThreatFeedLookbackPeriod All
此命令启用威胁情报数据连接器
参数
-Alerts
| 类型: | String |
| Position: | Named |
| 默认值: | None |
| 必需: | False |
| 接受管道输入: | False |
| 接受通配符: | False |
-APIRootURL
| 类型: | String |
| Position: | Named |
| 默认值: | None |
| 必需: | True |
| 接受管道输入: | False |
| 接受通配符: | False |
-ASCSubscriptionId
ASC 订阅 ID。
| 类型: | String |
| Position: | Named |
| 默认值: | None |
| 必需: | True |
| 接受管道输入: | False |
| 接受通配符: | False |
-AsJob
以作业身份运行命令
| 类型: | SwitchParameter |
| Position: | Named |
| 默认值: | None |
| 必需: | False |
| 接受管道输入: | False |
| 接受通配符: | False |
-AvailabilityIsPreview
[Parameter(ParameterSetName = 'APIPolling', Mandatory)]
| 类型: | Boolean |
| Position: | Named |
| 默认值: | None |
| 必需: | True |
| 接受管道输入: | False |
| 接受通配符: | False |
-AvailabilityStatus
[Parameter(ParameterSetName = 'APIPolling')]
| 类型: | Int32 |
| Position: | Named |
| 默认值: | 1 |
| 必需: | False |
| 接受管道输入: | False |
| 接受通配符: | False |
-AWSRoleArn
| 类型: | String |
| Position: | Named |
| 默认值: | None |
| 必需: | True |
| 接受管道输入: | False |
| 接受通配符: | False |
-BingSafetyPhishingURL
| 类型: | String |
| Position: | Named |
| 默认值: | None |
| 必需: | False |
| 接受管道输入: | False |
| 接受通配符: | False |
-BingSafetyPhishingUrlLookbackPeriod
| 类型: | String |
| Position: | Named |
| 默认值: | None |
| 必需: | False |
| 接受管道输入: | False |
| 接受通配符: | False |
-CollectionId
| 类型: | String |
| Position: | Named |
| 默认值: | None |
| 必需: | True |
| 接受管道输入: | False |
| 接受通配符: | False |
-CommonDataServiceActivity
| 类型: | String |
| Position: | Named |
| 默认值: | None |
| 必需: | False |
| 接受管道输入: | False |
| 接受通配符: | False |
-Confirm
提示你在运行 cmdlet 之前进行确认。
| 类型: | SwitchParameter |
| 别名: | cf |
| Position: | Named |
| 默认值: | None |
| 必需: | False |
| 接受管道输入: | False |
| 接受通配符: | False |
-DefaultProfile
用于与 Azure 通信的凭据、帐户、租户和订阅。
| 类型: | PSObject |
| 别名: | AzureRMContext, AzureCredential |
| Position: | Named |
| 默认值: | None |
| 必需: | False |
| 接受管道输入: | False |
| 接受通配符: | False |
-DetinationTable
| 类型: | String |
| Position: | Named |
| 默认值: | None |
| 必需: | True |
| 接受管道输入: | False |
| 接受通配符: | False |
-DiscoveryLog
| 类型: | String |
| Position: | Named |
| 默认值: | None |
| 必需: | False |
| 接受管道输入: | False |
| 接受通配符: | False |
-Exchange
| 类型: | String |
| Position: | Named |
| 默认值: | None |
| 必需: | False |
| 接受管道输入: | False |
| 接受通配符: | False |
-FriendlyName
| 类型: | String |
| Position: | Named |
| 默认值: | None |
| 必需: | True |
| 接受管道输入: | False |
| 接受通配符: | False |
-Id
数据连接器的 ID。
| 类型: | String |
| Position: | Named |
| 默认值: | (New-Guid).Guid |
| 必需: | False |
| 接受管道输入: | False |
| 接受通配符: | False |
-Incident
| 类型: | String |
| Position: | Named |
| 默认值: | None |
| 必需: | False |
| 接受管道输入: | False |
| 接受通配符: | False |
-Indicator
| 类型: | String |
| Position: | Named |
| 默认值: | None |
| 必需: | False |
| 接受管道输入: | False |
| 接受通配符: | False |
-Kind
-Log
| 类型: | String |
| Position: | Named |
| 默认值: | None |
| 必需: | True |
| 接受管道输入: | False |
| 接受通配符: | False |
-MicrosoftEmergingThreatFeed
| 类型: | String |
| Position: | Named |
| 默认值: | None |
| 必需: | False |
| 接受管道输入: | False |
| 接受通配符: | False |
-MicrosoftEmergingThreatFeedLookbackPeriod
| 类型: | String |
| Position: | Named |
| 默认值: | None |
| 必需: | False |
| 接受管道输入: | False |
| 接受通配符: | False |
-NoWait
异步运行命令
| 类型: | SwitchParameter |
| Position: | Named |
| 默认值: | None |
| 必需: | False |
| 接受管道输入: | False |
| 接受通配符: | False |
-Password
| 类型: | String |
| Position: | Named |
| 默认值: | None |
| 必需: | False |
| 接受管道输入: | False |
| 接受通配符: | False |
-PermissionCustom
[Parameter(ParameterSetName = 'APIPolling')]若要构造,请参阅 PERMISSIONCUSTOM 属性的 NOTES 部分并创建哈希表。
-PermissionResourceProvider
[Parameter(ParameterSetName = 'APIPolling')]若要构造,请参阅 PERMISSIONRESOURCEPROVIDER 属性的 NOTES 部分并创建哈希表。
-PollingFrequency
-ResourceGroupName
资源组名称。
| 类型: | String |
| Position: | Named |
| 默认值: | None |
| 必需: | True |
| 接受管道输入: | False |
| 接受通配符: | False |
-SharePoint
| 类型: | String |
| Position: | Named |
| 默认值: | None |
| 必需: | False |
| 接受管道输入: | False |
| 接受通配符: | False |
-SQSURL
| 类型: | String[] |
| Position: | Named |
| 默认值: | None |
| 必需: | True |
| 接受管道输入: | False |
| 接受通配符: | False |
-SubscriptionId
获取唯一标识Microsoft Azure 订阅的订阅凭据。
此订阅 ID 是每个服务调用的 URI 的一部分。
| 类型: | String |
| Position: | Named |
| 默认值: | (Get-AzContext).Subscription.Id |
| 必需: | False |
| 接受管道输入: | False |
| 接受通配符: | False |
-TaxiiLookbackPeriod
| 类型: | String |
| Position: | Named |
| 默认值: | None |
| 必需: | False |
| 接受管道输入: | False |
| 接受通配符: | False |
-Teams
| 类型: | String |
| Position: | Named |
| 默认值: | None |
| 必需: | False |
| 接受管道输入: | False |
| 接受通配符: | False |
-TenantId
TenantId。
| 类型: | String |
| Position: | Named |
| 默认值: | (Get-AzContext).Tenant.Id |
| 必需: | False |
| 接受管道输入: | False |
| 接受通配符: | False |
-UiConfigConnectivityCriterion
[Parameter(ParameterSetName = 'APIPolling', Mandatory)]若要构造,请参阅 UICONFIGCONNECTIVITYCRITERION 属性的 NOTES 部分,并创建哈希表。
-UiConfigCustomImage
[Parameter(ParameterSetName = 'APIPolling')]
| 类型: | String |
| Position: | Named |
| 默认值: | None |
| 必需: | False |
| 接受管道输入: | False |
| 接受通配符: | False |
-UiConfigDataType
[Parameter(ParameterSetName = 'APIPolling', Mandatory)]若要构造,请参阅 UICONFIGDATATYPE 属性的 NOTES 部分并创建哈希表。
-UiConfigDescriptionMarkdown
[Parameter(ParameterSetName = 'APIPolling', Mandatory)]
| 类型: | String |
| Position: | Named |
| 默认值: | None |
| 必需: | True |
| 接受管道输入: | False |
| 接受通配符: | False |
-UiConfigGraphQueriesTableName
[Parameter(ParameterSetName = 'APIPolling', Mandatory)]
| 类型: | String |
| Position: | Named |
| 默认值: | None |
| 必需: | True |
| 接受管道输入: | False |
| 接受通配符: | False |
-UiConfigGraphQuery
[Parameter(ParameterSetName = 'APIPolling', Mandatory)]若要构造,请参阅 UICONFIGGRAPHQUERY 属性的 NOTES 部分,并创建哈希表。
| 类型: | GraphQueries[] |
| Position: | Named |
| 默认值: | None |
| 必需: | True |
| 接受管道输入: | False |
| 接受通配符: | False |
-UiConfigInstructionStep
[Parameter(ParameterSetName = 'APIPolling', Mandatory)]若要构造,请参阅 UICONFIGINSTRUCTIONSTEP 属性的 NOTES 部分并创建哈希表。
-UiConfigPublisher
[Parameter(ParameterSetName = 'APIPolling', Mandatory)]
| 类型: | String |
| Position: | Named |
| 默认值: | None |
| 必需: | True |
| 接受管道输入: | False |
| 接受通配符: | False |
-UiConfigSampleQuery
[Parameter(ParameterSetName = 'APIPolling', Mandatory)]若要构造,请参阅 UICONFIGSAMPLEQUERY 属性的 NOTES 部分并创建哈希表。
| 类型: | SampleQueries[] |
| Position: | Named |
| 默认值: | None |
| 必需: | True |
| 接受管道输入: | False |
| 接受通配符: | False |
-UiConfigTitle
[Parameter(ParameterSetName = 'APIPolling', Mandatory)]
| 类型: | String |
| Position: | Named |
| 默认值: | None |
| 必需: | True |
| 接受管道输入: | False |
| 接受通配符: | False |
-UserName
| 类型: | String |
| Position: | Named |
| 默认值: | None |
| 必需: | False |
| 接受管道输入: | False |
| 接受通配符: | False |
-WhatIf
显示运行该 cmdlet 时会发生什么情况。
cmdlet 未运行。
| 类型: | SwitchParameter |
| 别名: | wi |
| Position: | Named |
| 默认值: | None |
| 必需: | False |
| 接受管道输入: | False |
| 接受通配符: | False |
-WorkspaceId
| 类型: | String |
| Position: | Named |
| 默认值: | None |
| 必需: | True |
| 接受管道输入: | False |
| 接受通配符: | False |
-WorkspaceName
工作区的名称。
| 类型: | String |
| Position: | Named |
| 默认值: | None |
| 必需: | True |
| 接受管道输入: | False |
| 接受通配符: | False |
输出
DataConnector
