IONIX Security Logs connector for Microsoft Sentinel
The IONIX Security Logs data connector, ingests logs from the IONIX system directly into Sentinel. The connector allows users to visualize their data, create alerts and incidents and improve security investigations.
This is autogenerated content. For changes, contact the solution provider.
Connector attributes
Connector attribute | Description |
---|---|
Log Analytics table(s) | CyberpionActionItems_CL |
Data collection rules support | Not currently supported |
Supported by | IONIX |
Query samples
Fetch latest Action Items that are currently open
let lookbackTime = 14d;
let maxTimeGeneratedBucket = toscalar(
CyberpionActionItems_CL
| where TimeGenerated > ago(lookbackTime)
| summarize max(bin(TimeGenerated, 1h))
);
CyberpionActionItems_CL
| where TimeGenerated > ago(lookbackTime) and is_open_b == true
| where bin(TimeGenerated, 1h) == maxTimeGeneratedBucket
Prerequisites
To integrate with IONIX Security Logs make sure you have:
- IONIX Subscription: a subscription and account is required for IONIX logs. One can be acquired here.
Vendor installation instructions
Follow the instructions to integrate IONIX Security Alerts into Sentinel.
Next steps
For more information, go to the related solution in the Azure Marketplace.
Phản hồi
https://aka.ms/ContentUserFeedback.
Sắp ra mắt: Trong năm 2024, chúng tôi sẽ dần gỡ bỏ Sự cố với GitHub dưới dạng cơ chế phản hồi cho nội dung và thay thế bằng hệ thống phản hồi mới. Để biết thêm thông tin, hãy xem:Gửi và xem ý kiến phản hồi dành cho