Microsoft Sentinel Analytic Rules
cloudbrothers.infoAzure Sentinel RepoToggle Dark/Light/Auto modeToggle Dark/Light/Auto modeToggle Dark/Light/Auto modeBack to homepage
  1. Microsoft Sentinel Analytics Rules
  2. /
  3. Analytic Rules
  4. /
  5. Dynatrace - Problem detection

Dynatrace - Problem detection

Back
Id415978ff-074e-4203-824a-b06153d77bf7
RulenameDynatrace - Problem detection
DescriptionDetect application & infrastructure problems in your environment
SeverityInformational
TacticsDefenseEvasion
Execution
Impact
InitialAccess
LateralMovement
Persistence
PrivilegeEscalation
Required data connectorsDynatraceProblems
KindScheduled
Query frequency1d
Query period1d
Trigger threshold0
Trigger operatorgt
Source Urihttps://github.com/Azure/Azure-Sentinel/blob/master/Solutions/Dynatrace/Analytic Rules/Dynatrace_ProblemDetection.yaml
Version1.0.2
Arm template415978ff-074e-4203-824a-b06153d77bf7.json
Deploy To Azure
DynatraceProblems
| summarize  arg_max(StartTime, *) by ProblemId

eventGroupingSettings:
  aggregationKind: AlertPerResult
requiredDataConnectors:
- connectorId: DynatraceProblems
  dataTypes:
  - DynatraceProblems
kind: Scheduled
OriginalUri: https://github.com/Azure/Azure-Sentinel/blob/master/Solutions/Dynatrace/Analytic Rules/Dynatrace_ProblemDetection.yaml
triggerThreshold: 0
status: Available
customDetails:
  SeverityLevel: SeverityLevel
  ImpactLevel: ImpactLevel
  ProblemIdentifier: ProblemId
  DisplayIdentifier: DisplayId
queryPeriod: 1d
requiredTechniques:
- T1140
- T1059
- T1565
- T1659
- T1210
- T1554
- T1548
name: Dynatrace - Problem detection
alertDetailsOverride:
  alertSeverityColumnName: Severity
  alertDisplayNameFormat: 'Dynatrace problem detected - {{DisplayId}} : {{Title}}'
  alertDescriptionFormat: |
        A application and/or infrastructure problem has been detected in your environment
queryFrequency: 1d
triggerOperator: gt
incidentConfiguration:
  createIncident: false
  groupingConfiguration:
    matchingMethod: AllEntities
    lookbackDuration: PT5H
    enabled: false
    reopenClosedIncident: false
description: |
    'Detect application & infrastructure problems in your environment'
tactics:
- DefenseEvasion
- Execution
- Impact
- InitialAccess
- LateralMovement
- Persistence
- PrivilegeEscalation
severity: Informational
version: 1.0.2
query: |
  DynatraceProblems
  | summarize  arg_max(StartTime, *) by ProblemId  
id: 415978ff-074e-4203-824a-b06153d77bf7