English 中文(简体)
Zar3 - msticpy - 如何更新Sentinel事件标签?
原标题:Python3 - msticpy - how to update Azure Sentinel Incident label?

I am attempting to update an Azure Sentinel incident label using msticpy. I can successfully modify other properties, but labels is not accepting the API call. Could anyone provide insight?

环境

• 机器学习室说明

缩略语

    from msticpy.data.azure import AzureData, MicrosoftSentinel
    azs = MicrosoftSentinel()
    azs.connect()
    azs.update_incident(incident_id = "INCIDENTID8", update_items = { labels : 
    [{ labelName :  test ,  labelType :  User }]})

错误:

HTTPStatus错误: Client error 400 Bad Request for url https://management.azure.com/subscriptions/SUBSCRIPTIONID/resourceGroups/RESOURCEGROUP/providers/Microsoft.OperationalInsights/workspaces/WORKSPACE/providers/Microsoft.SecurityInsights/incidents/INCIDENTID?api-version=2020-01-01 For more information check: https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/400

问题回答

您需要使用<代码>get_incident方法,首先返还一个事件物体。 然后,你可以更改或添加来自那里的标签。

incident_id = "GUID HERE" # You can pass a name to get_incident, but it s not guaranteed to be unique
incident = azs.get_incident(incident_id)

new_label_name = "test"
new_label_type = "user"
new_label = IncidentLabel(label_name=new_label_name, label_type=new_label_type)

incident.labels[new_label_name] = new_label

azs.update_incident(incident)
时间:2024-04-18 03:02:41


上一篇:
下一篇:


相关问题
Can Django models use MySQL functions?

Is there a way to force Django models to pass a field to a MySQL function every time the model data is read or loaded? To clarify what I mean in SQL, I want the Django model to produce something like ...

时间:2009-11-13 13:56:25 回答:6 展示:1
An enterprise scheduler for python (like quartz)

I am looking for an enterprise tasks scheduler for python, like quartz is for Java. Requirements: Persistent: if the process restarts or the machine restarts, then all the jobs must stay there and ...

时间:2009-11-13 04:31:57 回答:4 展示:1
How to remove unique, then duplicate dictionaries in a list?

Given the following list that contains some duplicate and some unique dictionaries, what is the best method to remove unique dictionaries first, then reduce the duplicate dictionaries to single ...

时间:2009-11-13 03:19:51 回答:7 展示:1
What is suggested seed value to use with random.seed()?

Simple enough question: I m using python random module to generate random integers. I want to know what is the suggested value to use with the random.seed() function? Currently I am letting this ...

时间:2009-11-09 18:56:16 回答:5 展示:1
How can I make the PyDev editor selectively ignore errors?

I m using PyDev under Eclipse to write some Jython code. I ve got numerous instances where I need to do something like this: import com.work.project.component.client.Interface.ISubInterface as ...

时间:2009-11-09 16:14:56 回答:4 展示:1
How do I profile `paster serve` s startup time?

Python s paster serve app.ini is taking longer than I would like to be ready for the first request. I know how to profile requests with middleware, but how do I profile the initialization time? I ...

时间:2009-11-09 16:11:39 回答:3 展示:1
Pragmatically adding give-aways/freebies to an online store

Our business currently has an online store and recently we ve been offering free specials to our customers. Right now, we simply display the special and give the buyer a notice stating we will add the ...

时间:2009-11-09 15:59:13 回答:2 展示:1
Converting Dictionary to List? [duplicate]

I m trying to convert a Python dictionary into a Python list, in order to perform some calculations. #My dictionary dict = {} dict[ Capital ]="London" dict[ Food ]="Fish&Chips" dict[ 2012 ]="...

时间:2009-11-05 09:34:18 回答:7 展示:1
热门标签

友情链接

Allggapp Alljchome-教程家园 mvfinale.com-影视剧情大结局大全