msticpy.context.azure.sentinel_utils module
Mixin Classes for Sentinel Utilities.
- class msticpy.context.azure.sentinel_utils.SentinelInstanceDetails(subscription_id: str, resource_group: str, workspace_name: str)
Bases:
object
Dataclass for Sentinel workspace details.
- classmethod from_resource_id(resource_id: str) SentinelInstanceDetails
Return SentinelInstanceDetails from a resource ID.
- resource_group: str
- property resource_id: str | None
Return the resource ID for the workspace.
- subscription_id: str
- workspace_name: str
- class msticpy.context.azure.sentinel_utils.SentinelUtilsMixin
Bases:
object
Mixin class for Sentinel core feature integrations.
- check_connected()
Check that Sentinel workspace is connected.
- msticpy.context.azure.sentinel_utils.build_sentinel_resource_id(subscription_id: str, resource_group: str, workspace_name: str) str
Build a MS Sentinel resource ID.
- Parameters:
subscription_id (str) – Subscription ID to use
resource_group (str) – Resource Group name to use
workspace_name (str) – Workspace name to user
- Returns:
The formatted resource ID.
- Return type:
str
- msticpy.context.azure.sentinel_utils.extract_sentinel_response(items: dict, props: bool = False, **kwargs) dict
Build request data body from items.
- Parameters:
items (dict) – A set pf items to be formated in the request body.
props (bool, optional) – Whether all items are to be built as properities. Default is false.
- Returns:
The request body formatted for the API.
- Return type:
dict
- msticpy.context.azure.sentinel_utils.parse_resource_id(res_id: str) Dict[str, Any]
Extract components from workspace resource ID.
- msticpy.context.azure.sentinel_utils.validate_resource_id(res_id)
Validate a Resource ID String and fix if needed.