description: |
  'The analytic rule creates an incident when an alert is created in Atlassian Beacon. The incident's events contain values such as alert name, alert URL, actor name, actor details, workspace ID of the Atlassian Beacon, etc. Navigate to the alertDetailURL to view more information on recommendations and remediations.'
version: 1.0.1
tactics: []
queryFrequency: 5m
query: |
  atlassian_beacon_alerts_CL
  | project TimeGenerated, detectiontime_d, alert_created_t, alert_title_s, alertTitle_s, alert_url_s, alertDetailURL_s, activity_action_s, alert_product_s, activity_subject_ari_s, actor_name_s, actor_url_s, actor_sessions_s, atlassianAlertType_s, atlassianWorkspace_id_g, atlassianWorkspace_orgId_s, Type
status: Available
triggerOperator: gt
kind: Scheduled
triggerThreshold: 0
queryPeriod: 5m
sentinelEntitiesMappings:
alertDetailsOverride:
  alertDisplayNameFormat: Atlassian Beacon - {alertTitle_s}
suppressionEnabled: false
relevantTechniques: []
id: 83fbf6a2-f227-48f4-8e7b-0b0ecac2381b
suppressionDuration: 5h
entityMappings:
eventGroupingSettings:
  aggregationKind: SingleAlert
severity: High
customDetails:
name: Atlassian Beacon Alert
incidentConfiguration:
  groupingConfiguration:
    lookbackDuration: 5h
    enabled: true
    reopenClosedIncident: false
    matchingMethod: AllEntities
  createIncident: true
OriginalUri: https://github.com/Azure/Azure-Sentinel/blob/master/Solutions/Integration for Atlassian Beacon/Analytic Rules/AtlassianBeacon_High.yaml
requiredDataConnectors:
- dataTypes:
  - atlassian_beacon_alerts_CL
  connectorId: AtlassianBeaconAlerts