Workbook - WorkBook Usage Report missing fields for analytic rules due to using old preview API #9830
Comments
|
Thank you for submitting an Issue to the Azure Sentinel GitHub repo! You should expect an initial response to your Issue from the team within 5 business days. Note that this response may be delayed during holiday periods. For urgent, production-affecting issues please raise a support ticket via the Azure Portal. |
|
Hi @MikeP1375 , Thanks for flagging this issue, we will investigate this issue and get back to you with some updates by 02/02/2024. Thanks! |
|
Hi @MikeP1375 ,I am able to replicate the issue and working on further analysis ,will update you. |
|
Hi @MikeP1375 ,need some more time for applying those missing fields,working on it,will update you |
|
Hi @MikeP1375 ,I have modified the api call and added the fields in KQL query,Please find below screen shot for reference,will be raising the PR for the same, |
Hi @MikeP1375 ,Apologies for delayed response, Raised the PR,once merged,will close the issue |
Describe the bug
The workbook 'Workbook usage report' is using the 2202-06-01-preview api which does not include fields like Description, Severity for the display of analytic rules. The latest API version is 2023-11-01 which includes the fields.
https://learn.microsoft.com/en-us/rest/api/securityinsights/alert-rules/list?view=rest-securityinsights-2023-11-01&tabs=HTTP#code-try-0
Note - Workbook allows for the export of analytic rules.
To Reproduce
Steps to reproduce the behavior:
Expected behavior
Display fields Description, Severity. Updating the API version to 2023-11-01 would allow the additional information to be displayed.
Screenshots
The text was updated successfully, but these errors were encountered: