Get Azure Security Center alerts via Python SDK


I want to list Azure Security Center alerts using the Python SDK.

I found this package: https://pypi.org/project/azure-mgmt-security/

It must be included in the Microsoft documentation:

https://learn.microsoft.com/en-gb/python/azure/?view=azure-python
https://github.com/Azure/azure-sdk-for-python

but I cannot find any reference or example.

Does anyone know where I can find this information?

Best regards.


There are 2 best solutions below

0
On BEST ANSWER

I can just give a rough reference.

After installing the azure-mgmt-security package, you should use the List method in the package; the source code is here.

Here is the doc on how to authenticate. Here is the doc on how to get the tenantId / client_id / key.

Here is my code:

from azure.mgmt.security import SecurityCenter
from azure.common.credentials import ServicePrincipalCredentials

subscription_id = "xxxx"

# Tenant ID for your Azure subscription
TENANT_ID = '<Your tenant ID>'

# Your service principal App ID
CLIENT = '<Your service principal ID>'

# Your service principal password
KEY = '<Your service principal password>'

credentials = ServicePrincipalCredentials(
    client_id = CLIENT,
    secret = KEY,
    tenant = TENANT_ID
)

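client = SecurityCenter(
    credentials=credentials,
    subscription_id=subscription_id,
    asc_location="centralus",
)

# list() returns a paged iterator; iterate over it to actually fetch the alerts
for alert in client.alerts.list():
    print(alert.name)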

Also, you can use the List Alerts API with an HTTP request in Python.

0
On

As of today, February 2021, Microsoft again changed the way credentials are instantiated. Here is the current one:

from azure.identity import DefaultAzureCredential

# Acquire a credential object for the app identity. When running in the cloud,
# DefaultAzureCredential uses the app's managed identity (MSI) or user-assigned service principal.
# When run locally, DefaultAzureCredential relies on environment variables named
# AZURE_CLIENT_ID, AZURE_CLIENT_SECRET, and AZURE_TENANT_ID.

credential = DefaultAzureCredential()

And it also changed the SecurityCenter signature: the credentials parameter was renamed to credential, without the "s".

Full documentation here.
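
The HTTP alternative mentioned in the first answer (the List Alerts API), with a token taken from the DefaultAzureCredential shown in the second answer, written as an added example that is not code from either answer or from Microsoft. The api-version value, the AZURE_SUBSCRIPTION_ID variable name and the helper names are assumptions. It follows nextLink paging so alerts on later pages are not missed, and it refuses to send the bearer token to any host other than management.azure.com.

```python
import json
import urllib.parse
import urllib.request

ARM_HOST = "management.azure.com"
API_VERSION = "2022-01-01"  # assumption: use an api-version listed in the REST docs


def http_get_json(url, token):
    """GET one page from ARM with a bearer token and decode the JSON body."""
    req = urllib.request.Request(url, headers={"Authorization": f"Bearer {token}"})
    with urllib.request.urlopen(req, timeout=30) as resp:
        return json.load(resp)


def iter_alerts(subscription_id, token, fetch=http_get_json):
    """Yield every alert in the subscription, following nextLink paging."""
    sub = urllib.parse.quote(subscription_id, safe="")
    url = (f"https://{ARM_HOST}/subscriptions/{sub}"
           f"/providers/Microsoft.Security/alerts?api-version={API_VERSION}")
    while url:
        parts = urllib.parse.urlsplit(url)
        # Never send the bearer token anywhere except ARM over HTTPS.
        if parts.scheme != "https" or parts.hostname != ARM_HOST:
            raise ValueError(f"refusing to follow link to {parts.hostname!r}")
        page = fetch(url, token)
        yield from page.get("value", [])
        url = page.get("nextLink")


def open_high_severity(alerts):
    """Keep active, high-severity alerts as (name, display name) tuples."""
    out = []
    for alert in alerts:
        props = alert.get("properties", {})
        if props.get("severity") == "High" and props.get("status") == "Active":
            out.append((alert.get("name"), props.get("alertDisplayName")))
    return out


if __name__ == "__main__":
    import os
    from azure.identity import DefaultAzureCredential  # pip install azure-identity

    # Hypothetical environment variable holding the subscription GUID.
    sub_id = os.environ["AZURE_SUBSCRIPTION_ID"]
    token = DefaultAzureCredential().get_token(f"https://{ARM_HOST}/.default").token
    for name, title in open_high_severity(iter_alerts(sub_id, token)):
        print(name, title)
```

The identity behind the token needs read access to security alerts on the subscription (for example the built-in Security Reader role).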