Enriching Data

• Threat Intel Lookup
  • Notebook
  • Features
  • Introduction/Quickstart
  • Configuring TI providers
  • TILookup class
  • Querying and Configuring the Pivot TILookup
  • Listing Available Providers
  • Loading TI Providers
  • Looking up IoCs
  • Looking up Multiple IoCs
  • Inferring IoC type vs specifying explicitly
  • Browsing and Selecting TI Results
  • Advanced Provider Usage - Query types
  • Specifying Time Ranges
• GeoIP Lookup
  • Introduction
  • Importing the GeoIP classes
  • Maxmind Geo-IP Lite Lookup Class
  • IPStack Geo-lookup Class
  • Taking input from a pandas DataFrame
  • Creating a Custom GeopIP Lookup Class
  • Calculating Geographical Distances
  • See also
• Azure Data Enrichment
  • Description
  • Instantiating and Connecting with an Azure Data Connector
  • Get Azure Subscription Details
  • Get Azure Resource Details
  • Get Azure Network Details
  • Get Azure Metrics
• Microsoft Sentinel APIs
  • Microsoft Sentinel Analytics
  • Microsoft Sentinel Bookmarks
  • Microsoft Sentinel Dynamic Summaries
  • Microsoft Sentinel Incidents
  • Microsoft Sentinel Watchlists
  • Microsoft Sentinel Search
  • Microsoft Sentinel Workspaces
  • Microsoft Sentinel Threat Intelligence
  • Description
  • Instantiating and Connecting the Microsoft Sentinel API Connector
  • Get Microsoft Sentinel Workspaces
  • Incidents
  • Hunting Queries
  • Analytics
  • Bookmarks
  • Watchlists
  • Search
• IP Whois Enrichment
  • IP Lookups
  • ASN Lookups