msticpy.context.azure.sentinel_bookmarks module
Mixin Classes for Sentinel Bookmark Features.
- class msticpy.context.azure.sentinel_bookmarks.SentinelBookmarksMixin
Bases:
object
Mixin class with Sentinel Bookmark integrations.
- create_bookmark(name: str, query: str, results: Optional[str] = None, notes: Optional[str] = None, labels: Optional[List[str]] = None)
Create a bookmark in the Sentinel Workpsace.
- Parameters
name (str) – The name of the bookmark to use
query (str) – The KQL query for the bookmark
results (str, optional) – The results of the query to include with the bookmark, by default None
notes (str, optional) – Any notes you want associated with the bookmark, by default None
labels (List[str], optional) – Any labels you want associated with the bookmark, by default None
- Raises
CloudError – If API retunrs an error.
- delete_bookmark(bookmark: str)
Delete the selected bookmark.
- Parameters
bookmark (str, optional) – The name or GIUD of the bookmark to delete.
- Raises
CloudError – If the API returns an error.