HTTP Actions in Security Automation
Security on Azure
In this video you will learn how to use the HTTP action to invoke an Azure REST API in Logic Apps. You will explore Azure Security Center, Logic App versions, and managed system identity, combined with a few actions, to start invoking an Azure REST API. You will learn about the HTTP and Date & Time actions. Along the way you will pick up tips and tricks and learn some additional techniques for authoring security automation in Logic Apps. #AzureSentinel #AzureSecurityCenter #AzureDefender #LogicApps #SecurityAutomation #AzureSecurity
********************************** Links **********************************
Walkthrough in blog:
Azure Activity Logs - List API: https://docs.microsoft.com/en-us/rest/api/monitor/activity-logs/
Azure Sentinel Playbooks: https://github.com/Azure/Azure-Sentinel/tree/master/Playbooks
Azure Security Center Workflow Automation: https://github.com/Azure/Azure-Security-Center/tree/main/Workflow%20automation
Working with Logic App Parameters While Building Azure Security Center Automations: https://techcommunity.microsoft.com/t5/azure-security-center/working-with-logic-app-parameters-while-building-azure-security/ba-p/1342121
********************************** Chapters **********************************
01:25 - Activity Logs - List API
06:24 - Logic App versions blade
09:15 - Create variable Azure ResourceID from entity array
13:12 - Build out Date Time stamp variables
16:50 - Create HTTP Action to call API
18:12 - Setup Logic App managed identity for authentication
22:40 - Build out HTTP Action to call API
25:25 - George Wilburn's extract Working with Logic App parameters
28:00 - Test Logic App HTTP Action API call and results
33:45 - Commenting your Logic Apps
**************************** Music & Credits ****************************
Warlike from A Year To Remember by Neaon
Link: https://neaon.bandcamp.com/track/warlike