Configuration

<< Click to Display Table of Contents >>

Raynet One Data Hub > 14.0 u1 > Connectors > Alphabetic Connector List > Microsoft Azure ComputeInventory > Connector Parameters 

Configuration

Azure Environment Profile

This parameter defines the selected Azure Environment profile.

 

Technical Name

azure_environment

Category

Functional

Type

String

Default Value

"AZURE"

Example Values

"AZURE", "AZURE_US_GOVERNMENT", "AZURE_GERMANY", "AZURE_CHINA"

 

The Azure Cloud profile sets the cloud environment on which to execute all the queries (i.e. authentication and management endpoints etc.).

Available profiles are: "AZURE", "AZURE_US_GOVERNMENT", "AZURE_GERMANY","AZURE_CHINA".

Profiles can be also set as lower case or first letter capitalized (`azure`, `Azure_Germany`).

More information about Azure Cloud profiles can be found here.

 

Subscription IDs

A list of subscription IDs from the Properties page in the Azure portal. If provided, the query will be executed for all workspaces of the specified subscriptions. When 'null' (which is the default value), the query will be executed either for all workspaces of all subscriptions of the tenant (if the list of workspace IDs is also null) or for the specified workspaces in the corresponding parameter.

 

Technical Name

subscription_ids

Category

Functional

Type

Array

Default Value

null

Example Values

null

 

Workspace IDs

A list of workspace ids from the Properties page in the Azure portal. If provided, the query will be executed for the workspaces in this list. When set to `null`, all available workspaces will be used, which is the default behavior. This parameter can only be used if the list of subscription ids is set to null.

 

Technical Name

workspace_ids

Category

Functional

Type

Array

Default Value

null

Example Values

null

 

Skip steps that cause errors

When set to true, the connector continues to execute even after encountering an error while fetching data. If an error occurs, the subscription id, the workspace id, and additional information will be logged. It is advisable to always check the log for warnings and error messages to identify potential issues that may lead to incomplete data (e.g., lack of permissions).

 

Technical Name

skip_on_error

Category

Functional

Type

Boolean

Default Value

false

Example Values

false

 

Fetch Daemons

This parameter is used to enable or disable the fetching of daemons.

 

Technical Name

fetch_daemons

Category

Functional

Type

Boolean (true or false)

Default Value

true

Example Values

true

 

The following query is executed, when this parameter is set true.

 

ConfigurationData 

| where ConfigDataType == "Daemons" 

| where TimeGenerated > datetime({timeInterval.start}) 

| where TimeGenerated < datetime({timeInterval.end}) 

| where SourceComputerId in ({deviceFilter}) .  '\") 

| summarize by SourceComputerId, Computer, SourceSystem, 

ManagementGroupName, VMUUID, Type, 

_ResourceId, SvcDisplayName, SvcAccount, 

SvcController, SvcName, SvcPath, SvcRunlevels, 

SvcStartupType, SvcState, SvcDescription';

 

Fetch Files

This parameter is used to enable or disable the fetching of files.

 

Technical Name

fetch_files

Category

Functional

Type

Boolean (true or false)

Default Value

true

Example Values

true

 

The following query is executed, when this parameter is set true.

 

ConfigurationData 
| where ConfigDataType == "Files" 
| where TimeGenerated > datetime({timeInterval.start}) 
| where TimeGenerated < datetime({timeInterval.end}) 
| where SourceComputerId in ({deviceFilter}) .  '\") 
| summarize by SourceComputerId, Computer, SourceSystem, 
ManagementGroupName, VMUUID, Type, 
_ResourceId, SvcDisplayName, SvcAccount, 
SvcController, SvcName, SvcPath, SvcRunlevels, 
SvcStartupType, SvcState, SvcDescription';

 

Fetch Registries

This parameter is used to enable or disable the fetching of registries.

 

Technical Name

fetch_registries

Category

Functional

Type

Boolean (true or false)

Default Value

true

Example Values

true

 

The following query is executed, when this parameter is set true.

 

ConfigurationData 
| where ConfigDataType == "Registry" 
| where TimeGenerated > datetime({timeInterval.start}) 
| where TimeGenerated < datetime({timeInterval.end}) 
| where SourceComputerId in ({deviceFilter}) .  '\") 
| summarize by SourceComputerId, Computer, SourceSystem, 
ManagementGroupName, VMUUID, Type, 
_ResourceId, SvcDisplayName, SvcAccount, 
SvcController, SvcName, SvcPath, SvcRunlevels, 
SvcStartupType, SvcState, SvcDescription';

 

Fetch Software

This parameter is used to enable or disable the fetching of software.

 

Technical Name

fetch_software

Category

Functional

Type

Boolean (true or false)

Default Value

true

Example Values

true

 

The following query is executed, when this parameter is set true.

 

ConfigurationData 
| where ConfigDataType == "Software" 
| where TimeGenerated > datetime({timeInterval.start}) 
| where TimeGenerated < datetime({timeInterval.end}) 
| where SourceComputerId in ({deviceFilter}) .  '\") 
| summarize by SourceComputerId, Computer, SourceSystem, 
ManagementGroupName, VMUUID, Type, 
_ResourceId, SvcDisplayName, SvcAccount, 
SvcController, SvcName, SvcPath, SvcRunlevels, 
SvcStartupType, SvcState, SvcDescription';

 

Fetch Windows Services

This parameter is used to enable or disable the fetching of windows services.

 

Technical Name

fetch_windows_services

Category

Functional

Type

Boolean (true or false)

Default Value

true

Example Values

true

 

The following query is executed, when this parameter is set true.

 

ConfigurationData 
| where ConfigDataType == "WindowsServices" 
| where TimeGenerated > datetime({timeInterval.start}) 
| where TimeGenerated < datetime({timeInterval.end}) 
| where SourceComputerId in ({deviceFilter}) .  '\") 
| summarize by SourceComputerId, Computer, SourceSystem, 
ManagementGroupName, VMUUID, Type, 
_ResourceId, SvcDisplayName, SvcAccount, 
SvcController, SvcName, SvcPath, SvcRunlevels, 
SvcStartupType, SvcState, SvcDescription';

 

Device Filter

This parameter is used to define a list of devices for which the results will be fetched. If this field is set to null, it will override the default value.

 

Technical Name

device_filter

Category

Functional

Type

Array

null

Default Value

null

Example Values

null

 

Fetch in Time Interval

This parameter is used to restrict the query to the given time interval.

 

Technical Name

time_interval

Category

Functional

Type

String

Default Value

P30D

Example Values

P30D

2020-10-01T14:15Z/2020-11-20T16:00Z

2020-10-01T14:15Z/P2DT5H45M

P1DT1H45M/2020-11-01T14:15Z

PT21H45M

 

The interval has to conform to the ISO-8601 standard. Repeating intervals are not supported.

Example 1: For setting an interval with 'start date' and the 'end date' we use '2020-10-01T14:15Z/2020-11-20T16:00Z'.

Example 2: For setting an interval with 'start date' and 'duration' we use '2020-10-01T14:15Z/P2DT5H45M'.

Example 3: For setting an interval with 'duration' and the 'end date' we use 'P1DT1H45M/2020-11-01T14:15Z'.

Example 4: For setting an interval with only 'duration' which will go in past from instance of now we use 'PT21H45M'.