This command requires the resourceGroupName argument. Run the 'azure-sc-list-location' command to get the ascLocation. The location where Azure Security Center stores the data of the subscription. The name of the resource group within the user's subscription. Lists alerts for the subscription according to the specified filters.Īzure-sc-list-alert Input # Argument Name You can execute these commands from the Cortex XSOAR CLI, as part of an automation, or in a playbook.Īfter you successfully execute a command, a DBot message appears in the War Room with the command details. You can find your organization's subscriptions list in the Microsoft Azure Portal > Subscriptions or by running the azure-list-subscriptions command.
Some commands require a subscription ID parameter in order to run.
Microsoft.Security/locations/alerts/read.Select a role that includes the following permissions:.Go to Subscriptions, and then Access Control (IAM).In order to assign a role to the application after consent was given:.After giving consent, the application has to have a role assigned so it can access the relevant resources per subscription. After authorizing the Demisto app, you will get an ID, Token, and Key, which should be inserted in the integration instance configuration's corresponding fields.Authentication #įor more details about the authentication used in this integration, see Microsoft Integrations - Authentication. With Security Center, you can apply security policies across your workloads, limit your exposure to threats, and detect and respond to attacks. Unified security management and advanced threat protection across hybrid cloud workloads.įor more information see Azure Security Center documentation Use Case # This Integration is part of the Microsoft Defender for Cloud Pack.
0 kommentar(er)
