Skip to content

Commit

Permalink
MDIoT DOS analytic rule entities
Browse files Browse the repository at this point in the history
  • Loading branch information
@idoscapa
idoscapa committed Jan 9, 2025
1 parent e8a87ea commit b2be59a
Showing 1 changed file with 3 additions and 9 deletions.
12 changes: 3 additions & 9 deletions Solutions/IoTOTThreatMonitoringwithDefenderforIoT/Analytic Rules/IoTDenialofService.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -47,14 +47,8 @@ query: |
AlertManagementUri,
Techniques
entityMappings:
- entityType: IP
fieldMappings:
- identifier: Address
columnName: SourceDeviceAddress
- entityType: IP
fieldMappings:
- identifier: Address
columnName: DestDeviceAddress
sentinelEntitiesMappings:
- columnName: Entities
eventGroupingSettings:
aggregationKind: AlertPerResult
customDetails:
Expand All @@ -78,5 +72,5 @@ alertDetailsOverride:
value: ProductComponentName
- alertProperty: AlertLink
value: AlertLink
version: 1.0.2
version: 1.0.3
kind: Scheduled

0 comments on commit b2be59a

Please sign in to comment.