Comments (2)
briandelmsft
commented on June 22, 2024
It's possible, but will require a manual manipulation of the Related Alerts module output before passing it to the scoring module. To bypass the scoring, you will need to change the 'AllTacticsCount' to 0 before passing it to the scoring module.
To do this, after the related alerts module runs, add a compose step to the logic app and in the compose step add the following using the expression editor:
setProperty(body('Related_Alerts_Module'),'AllTacticsCount',0)
You may need to change the Related_Alerts_Module part if your step name for this module has been changed from the default.
Then when you pass the related alerts body to the scoring module, pass the compose output in place of the Related Alerts Module Body.
It should look something like this:
from sentinelautomationmodules.
mikedizzle
commented on June 22, 2024
Excellent. Thank you for this. I'm going to create a feature request to have this available as a parameter in the related alerts mod action. I'll do this in the meantime.
from sentinelautomationmodules.
Related Issues (20)
- Deployment via Azure Lighthouse HOT 2
- STAT v2 - Update Sample Template
- Allow for use of User Assigned Managed Identity HOT 3
- STAT v2 Preview - Problems with the Sample-STAT-Triage Playbooks HOT 2
- Run playbook module error 400 bad request HOT 7
- [QUESTION] Get-MDEInsights Module Issue HOT 10
- [Feature] GrantPermissions - Fail if Connect-MgGraph or Login-AzAccount fail HOT 1
- STATv2 - Remove App Insights from Deployment
- [QUESTION] STATv2 preview without public storage account HOT 1
- [BUG] Wrong data in "ID" variable from MDE-Module - STAT v2 HOT 4
- [QUESTION] STAT V2 AAD Risk Module 403 Forbidden HOT 3
- [BUG] Deploy - Deploy/GrantPermissions.ps1 does not work HOT 8
- [BUG] MDE - Links to entities are broken HOT 2
- [BUG] Base Module - custom entity array incorrectly processed HOT 5
- [Feature] Monitor executions and consumption HOT 1
- [Feature] Suspicious Behaviour Searches
- [BUG] STAT Quick Deploy HOT 6
- [BUG] DeployPermissions.ps1 HOT 3
- [Feature] Add tags to incident HOT 1
- [QUESTION] Incident comments - max lines HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from sentinelautomationmodules.