| title | description | author | ms.topic | ms.date | ms.service | ms.author | ms.collection |
|---|---|---|---|---|---|---|---|
Orca Security Alerts connector for Microsoft Sentinel |
Learn how to install the connector Orca Security Alerts to connect your data source to Microsoft Sentinel. |
cwatson-cat |
how-to |
04/26/2024 |
microsoft-sentinel |
cwatson |
sentinel-data-connector |
The Orca Security Alerts connector allows you to easily export Alerts logs to Microsoft Sentinel.
This is autogenerated content. For changes, contact the solution provider.
| Connector attribute | Description |
|---|---|
| Log Analytics table(s) | OrcaAlerts_CL |
| Data collection rules support | Not currently supported |
| Supported by | Orca Security |
Fetch all service vulnerabilities on running asset
OrcaAlerts_CL
| where alert_type_s == "service_vulnerability"
| where asset_state_s == "running"
| sort by TimeGenerated Fetch all alerts with "remote_code_execution" label
OrcaAlerts_CL
| where split(alert_labels_s, ",") contains("remote_code_execution")
| sort by TimeGenerated Follow guidance for integrating Orca Security Alerts logs with Microsoft Sentinel.
For more information, go to the related solution in the Azure Marketplace.