Graph API security alert properties are blank or GUIDs

Problem description

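When calling https://graph.microsoft.com/v1.0/security/alerts from Python, the returned properties do not reflect what the documentation says. That is: category (per the docs) = category, String, category of the alert (for example, credentialTheft, ransomware, etc.).

I am getting a GUID for the category. Other properties (for example, identityIds) are blank...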

      "id": "redacted","azureTenantId": "redacted","azureSubscriptionId": "redacted","riskscore": null,"tags": [],"activityGroupName": null,"assignedTo": null,"category": "e573729c-f65f-46cc-b31b-f5ad7c32ff59_aa5de612-30f2-4e66-8a7f-da99b946ce54","closedDateTime": null,"comments": [],"confidence": null,"createdDateTime": "2020-10-18T18:54:41.9442907Z","description": "Identifies when a rare Resource and ResourceGroup deployment occurs by a previously unseen Caller.","detectionIds": [],"eventDateTime": "2020-10-04T18:49:39.9931844Z","Feedback": null,"incidentIds": [],"lastModifiedDateTime": "2020-10-18T18:54:42.0552251Z","recommendedActions": [],"severity": "low","sourceMaterials": [],"status": "newAlert","title": "Suspicious Resource deployment","vendorinformation": {
        "provider": "Azure Sentinel","providerVersion": null,"subProvider": null,"vendor": "Microsoft"
      },"cloudAppStates": [],"fileStates": [],"hostStates": [],"historyStates": [],"malwareStates": [],"networkConnections": [],"processes": [],"registryKeyStates": [],"securityResources": [],"triggers": [],

Does anyone have any ideas?
