
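Graph API security alert properties are blank or GUIDs

How to resolve Graph API security alert properties being blank or GUIDs

When calling https://graph.microsoft.com/v1.0/security/alerts from Python, the returned properties do not reflect what the documentation says. For example: category (per the documentation) = String, the category of the alert (for example, credentialTheft, ransomware, etc.).

I am getting a GUID for the category. Other properties (for example, identityIds) are blank...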

      "id": "redacted",
      "azureTenantId": "redacted",
      "azureSubscriptionId": "redacted",
      "riskscore": null,
      "tags": [],
      "activityGroupName": null,
      "assignedTo": null,
      "category": "e573729c-f65f-46cc-b31b-f5ad7c32ff59_aa5de612-30f2-4e66-8a7f-da99b946ce54",
      "closedDateTime": null,
      "comments": [],
      "confidence": null,
      "createdDateTime": "2020-10-18T18:54:41.9442907Z",
      "description": "Identifies when a rare Resource and ResourceGroup deployment occurs by a previously unseen Caller.",
      "detectionIds": [],
      "eventDateTime": "2020-10-04T18:49:39.9931844Z",
      "Feedback": null,
      "incidentIds": [],
      "lastModifiedDateTime": "2020-10-18T18:54:42.0552251Z",
      "recommendedActions": [],
      "severity": "low",
      "sourceMaterials": [],
      "status": "newAlert",
      "title": "Suspicious Resource deployment",
      "vendorinformation": {
        "provider": "Azure Sentinel",
        "providerVersion": null,
        "subProvider": null,
        "vendor": "Microsoft"
      },
      "cloudAppStates": [],
      "fileStates": [],
      "hostStates": [],
      "historyStates": [],
      "malwareStates": [],
      "networkConnections": [],
      "processes": [],
      "registryKeyStates": [],
      "securityResources": [],
      "triggers": [],

Does anyone have any ideas?
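
One way to catch this condition when ingesting alerts, as an added example that is not part of the original post: it flags `category` values shaped like the GUID pair shown above, lists the empty fields, and falls back to `title` as a routing label. The function names, the fallback choice and the second sample alert are assumptions made for the example.

```python
import re
from collections import Counter

# One GUID, or two GUIDs joined by "_" as in the response shown above.
_GUID = r"[0-9a-fA-F]{8}(?:-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}"
GUID_CATEGORY = re.compile(rf"{_GUID}(?:_{_GUID})?")


def audit_alert(alert):
    """Report which fields of one alert are usable for triage routing."""
    category = alert.get("category")
    is_guid = bool(category and GUID_CATEGORY.fullmatch(category))
    # The Graph documentation spells the key vendorInformation; the
    # snippet in the post shows it lower-cased, so accept both.
    vendor = alert.get("vendorInformation") or alert.get("vendorinformation") or {}
    empty = sorted(k for k, v in alert.items() if v is None or v == [] or v == "")
    return {
        "provider": vendor.get("provider"),
        "category_is_guid": is_guid,
        "empty_fields": empty,
        # Assumption: when category is missing or an opaque id, the
        # title is the best human-readable label available.
        "routing_label": alert.get("title") if (is_guid or not category) else category,
    }


def summarize(alerts):
    """Count alerts with GUID-style categories, grouped by provider."""
    counts = Counter()
    for alert in alerts:
        report = audit_alert(alert)
        if report["category_is_guid"]:
            counts[report["provider"]] += 1
    return dict(counts)


# Sample input: the first alert reuses values from the post, the second
# is constructed to show a documented-style category string.
SAMPLE_ALERTS = [
    {"id": "redacted", "title": "Suspicious Resource deployment", "severity": "low",
     "category": "e573729c-f65f-46cc-b31b-f5ad7c32ff59_aa5de612-30f2-4e66-8a7f-da99b946ce54",
     "tags": [], "assignedTo": None,
     "vendorinformation": {"provider": "Azure Sentinel", "vendor": "Microsoft"}},
    {"id": "constructed-2", "title": "Constructed example alert", "severity": "high",
     "category": "credentialTheft", "tags": ["demo"], "assignedTo": "analyst",
     "vendorInformation": {"provider": "ExampleProvider", "vendor": "Example"}},
]

if __name__ == "__main__":
    print(summarize(SAMPLE_ALERTS))
```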
