- 30 Jun 2024
- 2 Minutes to read
- Print
- DarkLight
- PDF
Microsoft Azure - Send JSON to Azure Storage
- Updated on 30 Jun 2024
- 2 Minutes to read
- Print
- DarkLight
- PDF
Microsoft Azure - Send JSON to Azure Storage takes the saved query supplied as a trigger (or assets that have been selected in the asset table), creates a JSON file, and sends it to Azure Storage.
- Not all asset categories are supported for all Enforcement Actions.
- See Actions supported for Activity Logs, Adapters Fetch History, and Asset Investigation modules.
- See Actions supported for Vulnerabilities.
- See Actions supported for Software.
General Settings
- Action name - The name of this Enforcement Action. The system sets a default name. You can change the name.
- Configure Dynamic Values - Toggle on to enter a Dynamic Value statement. See Creating Enforcement Action Dynamic Value Statements to learn more about Dynamic Value statement syntax.
Required Fields
These fields must be configured to run the Enforcement Set.
- Data storage - Select the type of data storage:
- File share - Saves the CSV file to a standard file share. When File shares is selected, the following required fields appear:
- File share and File name - The file share and file name under the storage account.
- Blob containers - Saves the CSV file to a blob container. When selected, the following required fields appear:
- Blob container - The name of the blob container.
- Blob name - The name of the specific blob.
- Blob type - Select the blob type: Block blob (default) or Append blob.
- File share - Saves the CSV file to a standard file share. When File shares is selected, the following required fields appear:
- SAS token - SAS token associated with a user account that has the Required Permissions to create a file.
- Storage account - The storage account name.
- Append date and time at the end of the file name - Appends the current date and time to the file name of the CSV file.
- Directory path - Specify the directory path. When no path is specified, the file will be created under the file share directly. This field is not available when Blob storage is being used.
Compute Node - The Axonius node to use when connecting to the specified host. For more details, see Connecting Additional Axonius Nodes.
Additional Fields
These fields are optional.
- Always export aggregated fields as arrays - Select this option to always represent aggregated fields as arrays in the JSON file that is created.
APIs
Axonius uses the Azure Storage - Create File API.
Required Permissions
The value supplied in SAS token must be associated with a user account that has the required permissions to create a file.
To create a SAS token:
- Connect to your storage account.
- From the left navigation menu, select Shared access signature.
- Configure the access signature:
- Allowed services - select File.
- Allowed permissions - select: Read, Write, Create
- Click Generate SAS and connection string to generate a SAS token.
For details on creating a SAS token, see Grant limited access to Azure Storage resources using shared access signatures (SAS).
For more details about other Enforcement Actions available, see Action Library.