SentinelAlert entity creation #293

Merged
merged 14 commits into from Feb 1, 2022

petebryan
Contributor

Updated Alert entity and created SentinelAlert entity to add new entity capabilities for these data types.
As part of this, deprecating existing SecurityAlert entities in nbtools.

@petebryan petebryan marked this pull request as ready for review January 25, 2022 00:06
@petebryan petebryan added this to PR Submitted in January 2022 Hackathon Jan 25, 2022
@petebryan petebryan linked an issue Jan 25, 2022 that may be closed by this pull request
ianhelle
ianhelle previously approved these changes Jan 29, 2022
Contributor

@ianhelle ianhelle left a comment

Left some comments but looks great!

msticpy/datamodel/entities/alert.py (outdated, resolved)
msticpy/datamodel/soc/sentinel_alert.py (outdated, resolved)
msticpy/nbtools/security_alert.py (resolved)
msticpy/nbtools/security_base.py (resolved)
msticpy/nbtools/security_event.py (resolved)
@petebryan
Contributor Author

What I would propose is we drop security_alert, security_base, and security_event in 2.0. We will need to update some notebooks before that, though, as SentinelAlert is not a direct replacement for SecurityAlert and neither is Alert.

@petebryan petebryan merged commit 59b1e3c into main Feb 1, 2022
@petebryan petebryan deleted the pebryan/2022-1-18_SecurityAlertEntity branch February 1, 2022 00:19
@petebryan petebryan moved this from PR Submitted to Done in January 2022 Hackathon Feb 1, 2022
juju4 pushed a commit to juju4/msticpy that referenced this pull request Jun 5, 2022
…urityAlertEntity

SentinelAlert entity creation
Successfully merging this pull request may close these issues.

Restructure Security Alert into Entities