Observables Engine 1.1.1
  • 02 Apr 2025

Observables Engine - 1.1.1

tags: python | azure blob | observables



Description

The Observables Engine handles observables configuration operations. It provides CLIs to replace, extend, and get the observables schema configuration.


CDC Command Lines

* **extend_schemas_configuration_cli**
This CDC command-line interface is used to replace/upload a file from CDC to Azure Blob. Input files must be in ".yaml" format only. Example: `extend_schemas_configuration_cli --schemas_config_file_name=extend_config.yaml`

|Option|Type|Description|Required|
| :--- | :--- | :--- | :--- |
|schemas_config_file_name|string|Schemas config file name|True|

* **get_schemas_details_cli**
This command line is used to fetch observables schema details. Example: `get_schemas_details_cli --download_file=true --products=["ms_sentinel"] --types=["base_events"] --names=["device"] --limit=2`

|Option|Type|Description|Required|
| :--- | :--- | :--- | :--- |
|download_file|boolean|Attach the file in its original format.|False|
|products|array|List of products to extract from schema records.|False|
|types|array|List of types to extract from schema records.|False|
|names|array|List of names to extract from schema records.|False|
|limit|integer|Maximum number of records to extract from schema records.|False|

* **replace_schemas_configuration_cli**
This CDC command-line interface is used to replace/upload a file from CDC to Azure Blob. Input files must be in ".yaml" format only. Example: `replace_schemas_configuration_cli --schemas_config_file_name=config.yaml`

|Option|Type|Description|Required|
| :--- | :--- | :--- | :--- |
|schemas_config_file_name|string|Schemas config file name|True|


Workflows

* **extend_schemas_configuration**
This CDC command-line interface is used to replace/upload a file from CDC to Azure Blob. Input files must be in ".yaml" format only.

* **get_file_content_subworkflow**
This workflow is used to get the content of a YAML file attached to a CDC incident, alert, or channel.

* **get_schema_records**
Gets schema records.

* **get_schemas_details**
This workflow is used to get details about the observables schema.

* **replace_schemas_configuration**
This CDC command-line interface is used to replace/upload a file from CDC to Azure Blob. Input files must be in ".yaml" format only.


Rules

No rules


Sensors

No sensors


Triggers

No triggers


Known Issues

No issues

