Merge branch 'main' into workbook
FrodeHus authored Dec 18, 2024
2 parents 5a52299 + fbfec09 commit 094fc24
Showing 1 changed file with 7 additions and 0 deletions.
7 changes: 7 additions & 0 deletions README.md
Expand Up @@ -32,6 +32,7 @@ This deployment will create:
- Data Collection Rules
- Custom tables for Azure Log Analytics Workspace (LAW)
- ASIM parsers
- Workbook
- Azure Function App
- Managed identity with role assignments to read Key Vault secrets and query the workspace

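Review bot: The new `- Workbook` entry in the "This deployment will create" list is singular and unnamed, while the section added later in this change is headed `### Workbooks` and names the workbook **BeyondTrust SignIns**. Use one form in both places and name the resource here, for example `- Workbook (BeyondTrust SignIns)`, so a reader auditing what the deployment creates can match the list item to its description.
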
Expand All @@ -54,6 +55,12 @@ The following ASIM parsers are deployed:
- **vimAuthenticationBeyondTrust**: Follows the [Authentication](https://learn.microsoft.com/en-us/azure/sentinel/normalization-schema-authentication) schema to integrate with the `imAuthentication` unified parser to provide authentication events.
- **vimAuditBeyondTrust**: Follows the [AuditEvent](https://learn.microsoft.com/en-us/azure/sentinel/normalization-schema-audit) schema to integrate with the `imAuditEvent` unified parser to provide audit events.

### Workbooks

The following workbooks are deployed:

- **BeyondTrust SignIns**: Shows BeyondTrust usage, authentication events, jump item sessions and audit events.

## What It Provides

- Automated data collection from BeyondTrust API
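
Review bot: The `BeyondTrust SignIns` description under `### Workbooks` does not say which data the workbook queries, and the name suggests sign-ins only while the text also lists jump item sessions and audit events. State whether it reads through the `vimAuthenticationBeyondTrust` and `vimAuditBeyondTrust` parsers listed just above or from the custom tables directly, so it is clear which of them must be populated for the workbook to show data, and consider a name that matches its scope.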