Get-GitHubRepoLogs Playbook - runs every hour and uses the GitHub v3 API to query each repo in each Org for Forks, Clones, Commits, Referrers, Paths, Views, and Collaborators. The returned data is written to the Azure Sentinel Workspace in the GitHubRepoLogs_CL custom table.

Get-GitHubAuditEntry Playbook - runs every 5 minutes and uses the GitHub v4 API (GraphQL) to query for a set of AuditEntry. The GraphQL query doesn’t pull all of the Objects that implement the AuditEntry Interface. It pulls the most relevant ones used for the detections and hunting queries listed above. The returned data is written to the Azure Sentinel Workspace in the GitHub_CL custom table. This string is used to calculate the last record that was received and only query newer records since then.
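The incremental polling described above, sketched as an added example; it is not the playbook's own logic. It assumes the stored string is a GraphQL pagination cursor kept per org, and the type list, field selection, function names and sample pages are constructed for illustration.

```python
# Subset of AuditEntry implementations to request (constructed selection;
# the page does not list the types its playbook pulls).
WANTED_TYPES = ("OrgAddMemberAuditEntry", "RepoAccessAuditEntry", "TeamAddMemberAuditEntry")
FIELDS = "__typename action actorLogin createdAt"

def build_request(org, state):
    """GraphQL request body for one poll; `after` is None on the first run."""
    fragments = " ".join("... on %s { %s }" % (t, FIELDS) for t in WANTED_TYPES)
    query = (
        "query($org: String!, $after: String) { organization(login: $org) { "
        "auditLog(first: 100, after: $after, orderBy: {field: CREATED_AT, direction: ASC}) { "
        "pageInfo { endCursor hasNextPage } nodes { %s } } } }" % fragments
    )
    return {"query": query, "variables": {"org": org, "after": state.get(org)}}

def apply_page(org, state, response):
    """Return (entries to ingest, new state, more pages?) for one response page.

    The checkpoint moves only when the page carried a cursor, so an empty
    poll or an error response never loses the position already saved.
    """
    if response.get("errors"):
        return [], state, False
    log = response["data"]["organization"]["auditLog"]
    # Types outside WANTED_TYPES match no fragment and come back as {}.
    entries = [n for n in log["nodes"] if n.get("action")]
    cursor = log["pageInfo"]["endCursor"]
    new_state = dict(state, **{org: cursor}) if cursor else state
    return entries, new_state, log["pageInfo"]["hasNextPage"]

# Constructed sample responses (not captured from a real organization).
SAMPLE_PAGE = {"data": {"organization": {"auditLog": {
    "pageInfo": {"endCursor": "CONSTRUCTED-CURSOR-2", "hasNextPage": False},
    "nodes": [
        {"__typename": "OrgAddMemberAuditEntry", "action": "org.add_member",
         "actorLogin": "alice", "createdAt": "2021-01-01T00:00:00Z"},
        {},  # an entry type the query did not select
    ]}}}}
EMPTY_PAGE = {"data": {"organization": {"auditLog": {
    "pageInfo": {"endCursor": None, "hasNextPage": False}, "nodes": []}}}}

if __name__ == "__main__":
    state = {}  # stands in for the persisted checkpoint
    entries, state, _ = apply_page("contoso", state, SAMPLE_PAGE)
    print(len(entries), state)
```

Persist the returned state only after the entries have been written to the workspace, so a failed write is retried from the old position instead of skipped.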