Azure Security Center v2

Unified security management and advanced threat protection across hybrid cloud workloads.

Analytics & SIEM · Microsoft Defender for Cloud

Configuration parameters

  • server_url — Microsoft Azure Management URL
  • auth_id — ID (received from the admin consent - see Detailed Instructions (?)
  • credentials_auth_id
  • tenant_id — Token (received from the admin consent - see Detailed Instructions (?) section)
  • credentials_tenant_id
  • enc_key — Key (received from the admin consent - see Detailed Instructions (?)
  • credentials_enc_key
  • certificate_thumbprint — Certificate Thumbprint
  • credentials_certificate_thumbprint
  • private_key — Private Key
  • default_sub_id — Default subscription ID to use
  • credentials_default_sub_id
  • resource_group_name — Default Resource Group Name
  • use_managed_identities — Use Azure Managed Identities
  • managed_identities_client_id
  • unsecure — Trust any certificate (not secure)
  • proxy — Use system proxy settings
  • self_deployed — Use a self-deployed Azure Application

Commands (15)

  • azure-get-secure-score

    Retrieve the Secure Score for the provided subscription and score name.

  • azure-list-subscriptions

    Lists available subscriptions for this application.

  • azure-resource-group-list

    List all resource groups for a subscription.

  • azure-sc-auth-reset

    Run this command if for some reason you need to rerun the authentication process.

  • azure-sc-get-alert

    Gets an alert that is associated with a resource group or a subscription. The subscription_id argument is required in case it was not defined in the integration's configuration.

  • azure-sc-get-aps

    Returns details of a specific auto provisioning setting.

  • azure-sc-get-atp

    Returns the Advanced Threat Protection setting.

  • azure-sc-list-alert

    Lists alerts for the subscription according to the specified filters.

  • azure-sc-list-aps

    Lists auto provisioning settings in the subscription.

  • azure-sc-list-jit

    Lists all policies for protecting resources using Just-in-Time access control.

  • azure-sc-list-location

    The location of the responsible ASC of the specific subscription. For each subscription there is only one responsible location.

  • azure-sc-list-storage

    Lists all the storage accounts available under the subscription.

  • azure-sc-update-alert

    Update an alert's state.

  • azure-sc-update-aps

    Updates a specific auto provisioning setting.

  • azure-sc-update-atp

    Updates Advanced Threat Detection settings.