Microsoft Sentinel - Run Query - Cisco XDR Connect

This atomic belongs to the Microsoft Sentinel atomic group.

This atomic fetches Log analytics table data.

Target: Microsoft Sentinel Log Analytics

Steps:

Build the request payload
Fetch table data
Check if the request was successful:
- If it was, set the output variable
- If it wasn't, output an error

More information about this API: https://learn.microsoft.com/en-us/rest/api/loganalytics/query/get?view=rest-loganalytics-2022-10-27-preview&tabs=HTTP

Integration

Microsoft Sentinel

Authorship

Cisco Managed