parsedmarc.loganalytics
🔗
LogAnalyticsClient
🔗
LogAnalyticsClient(
client_id: str,
client_secret: str,
tenant_id: str,
dce: str,
dcr_immutable_id: str,
dcr_aggregate_stream: str | None = None,
dcr_forensic_stream: str | None = None,
)
Azure Log Analytics Client
Pushes the DMARC reports to Log Analytics via Data Collection Rules.
References
- https://learn.microsoft.com/en-us/azure/azure-monitor/logs/logs-ingestion-api-overview
PARAMETER | DESCRIPTION |
---|---|
client_id |
The client ID of the service principle.
TYPE:
|
client_secret |
The client secret of the service principle.
TYPE:
|
tenant_id |
The tenant ID where the service principle resides.
TYPE:
|
dce |
The Data Collection Endpoint (DCE) used by the Data Collection Rule (DCR).
TYPE:
|
dcr_immutable_id |
The immutable ID of the Data Collection Rule (DCR).
TYPE:
|
dcr_aggregate_stream |
The Stream name where the Aggregate DMARC reports need to be pushed.
TYPE:
|
dcr_forensic_stream |
The Stream name where the Forensic DMARC reports need to be pushed.
TYPE:
|
publish_results
🔗
publish_results(
results: SortedReportContainer,
save_aggregate: bool,
save_forensic: bool,
) -> None
Publish DMARC reports to Log Analytics via Data Collection Rules (DCR).
PARAMETER | DESCRIPTION |
---|---|
results |
The DMARC reports (Aggregate & Forensic)
TYPE:
|
save_aggregate |
Whether Aggregate reports can be saved into Log Analytics
TYPE:
|
save_forensic |
Whether Forensic reports can be saved into Log Analytics
TYPE:
|