automation_rules
Creates, updates, deletes, gets or lists an automation_rules resource.
Overview
| Name | automation_rules |
| Type | Resource |
| Id | azure.sentinel.automation_rules |
Fields
The following fields are returned by SELECT queries:
- get
- list
| Name | Datatype | Description |
|---|---|---|
etag | string | Etag of the azure resource |
properties | object | Automation rule properties |
| Name | Datatype | Description |
|---|---|---|
etag | string | Etag of the azure resource |
properties | object | Automation rule properties |
Methods
The following methods are available for this resource:
| Name | Accessible by | Required Params | Optional Params | Description |
|---|---|---|---|---|
get | select | subscriptionId, resourceGroupName, workspaceName, automationRuleId | Gets the automation rule. | |
list | select | subscriptionId, resourceGroupName, workspaceName | Gets all automation rules. | |
create_or_update | insert | subscriptionId, resourceGroupName, workspaceName, automationRuleId, data__properties | Creates or updates the automation rule. | |
delete | delete | subscriptionId, resourceGroupName, workspaceName, automationRuleId | Delete the automation rule. |
Parameters
Parameters can be passed in the WHERE clause of a query. Check the Methods section to see which parameters are required or optional for each operation.
| Name | Datatype | Description |
|---|---|---|
automationRuleId | string | Automation rule ID |
resourceGroupName | string | The name of the resource group. The name is case insensitive. |
subscriptionId | string | The ID of the target subscription. |
workspaceName | string | The name of the workspace. |
SELECT examples
- get
- list
Gets the automation rule.
SELECT
etag,
properties
FROM azure.sentinel.automation_rules
WHERE subscriptionId = '{{ subscriptionId }}' -- required
AND resourceGroupName = '{{ resourceGroupName }}' -- required
AND workspaceName = '{{ workspaceName }}' -- required
AND automationRuleId = '{{ automationRuleId }}' -- required
;
Gets all automation rules.
SELECT
etag,
properties
FROM azure.sentinel.automation_rules
WHERE subscriptionId = '{{ subscriptionId }}' -- required
AND resourceGroupName = '{{ resourceGroupName }}' -- required
AND workspaceName = '{{ workspaceName }}' -- required
;
INSERT examples
- create_or_update
- Manifest
Creates or updates the automation rule.
INSERT INTO azure.sentinel.automation_rules (
data__etag,
data__properties,
subscriptionId,
resourceGroupName,
workspaceName,
automationRuleId
)
SELECT
'{{ etag }}',
'{{ properties }}' /* required */,
'{{ subscriptionId }}',
'{{ resourceGroupName }}',
'{{ workspaceName }}',
'{{ automationRuleId }}'
RETURNING
etag,
properties
;
# Description fields are for documentation purposes
- name: automation_rules
props:
- name: subscriptionId
value: string
description: Required parameter for the automation_rules resource.
- name: resourceGroupName
value: string
description: Required parameter for the automation_rules resource.
- name: workspaceName
value: string
description: Required parameter for the automation_rules resource.
- name: automationRuleId
value: string
description: Required parameter for the automation_rules resource.
- name: etag
value: string
description: |
Etag of the azure resource
- name: properties
value: object
description: |
Automation rule properties
DELETE examples
- delete
Delete the automation rule.
DELETE FROM azure.sentinel.automation_rules
WHERE subscriptionId = '{{ subscriptionId }}' --required
AND resourceGroupName = '{{ resourceGroupName }}' --required
AND workspaceName = '{{ workspaceName }}' --required
AND automationRuleId = '{{ automationRuleId }}' --required
;