Enriching Data

• Threat Intel Lookup
  • Notebook
  • TILookup class
  • Available Providers
  • Loading TI Providers
  • Configuration File
  • Looking up IoCs
  • Provider Usage
  • Inferring IoC type vs specifying explicitly
  • Looking up Multiple IoCs
  • Browsing and Selecting TI Results
  • Specifying Time Ranges
• GeoIP Lookup
  • Introduction
  • Importing the GeoIP classes
  • Maxmind Geo-IP Lite Lookup Class
  • IPStack Geo-lookup Class
  • Taking input from a pandas DataFrame
  • Creating a Custom GeopIP Lookup Class
  • Calculating Geographical Distances
  • See also
• Azure Data Enrichment
  • Description
  • Instantiating and Connecting with an Azure Data Connector
  • Get Azure Subscription Details
  • Get Azure Resource Details
  • Get Azure Network Details
  • Get Azure Metrics
• Microsoft Sentinel APIs
  • Microsoft Sentinel Analytics
  • Microsoft Sentinel Bookmarks
  • Microsoft Sentinel Incidents
  • Microsoft Sentinel Watchlists
  • Microsoft Sentinel Search
  • Description
  • Instantiating and Connecting the Microsoft Sentinel API Connector
  • Get Microsoft Sentinel Workspaces
  • Incidents
  • Hunting Queries
  • Analytics
  • Bookmarks
  • Watchlists
  • Search