[Feature] Monitor executions and consumption #442
Assignees
Labels
Comments
piaudonn
added
pending-triage
|
@piaudonn I'm interested in that option yes, I think we need to really think through all the possible use cases of it carefully as well as the schema of the table. For use cases I think the workbook can give us that stats but also give us a nicer layout for the enrichments themselves as an alternate to incident comments which could be read out of the custom table. Additionally, we could potentially have integrations with UEBA entity timeline, for example with the KQL module if it finds something, maybe that should show up on the users entity timeline? maybe other modules as well Are there other things we could/should keep in mind when planning this? |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
As we had a workbook in STATv1 to keep track of what was there and gather stats, it would be nice to have that with STATv2.
At least as an option deployment option. @briandelmsft we discussed the option to send logs to a custom table? Should we offer the option?
The text was updated successfully, but these errors were encountered: