Comments (1)
ianhelle
commented on May 18, 2024
Hi,
It does in theory. However, there are some caveats:
- You need to be able to install it and dependencies from PyPI - this might be an issue in an air-gapped environment. We have some workarounds for this using a scripted copy and install from a shared folder/URL
- The URL used by the KQL connection assumes the public cloud by default. You can change this in a couple of ways:
- Set the environment variable KQLMAGIC_CONFIGURATION=cloud=government
- After loading the Azure Sentinel query provider (but before authenticating) run this in a single cell
%kql --config 'cloud=government'
- Our keyvault support (for storing/retrieving secrets in KeyVault) has some support for multiple clouds but we haven't really tested this well.
2 and 3 are easy to get working in a smoother way - we just haven't done it because a) no one has asked us for it and b) we have limited ability to test it.
I'd be very really happy to work with you to get this going.
from msticpy.
Related Issues (20)
- GPT Request for TI investigation and enrichment HOT 1
- Add support for package-based msticpy extensions and plugins HOT 2
- [Bug]: Dataprovider bugs
- [Bug]: IoCExtract classifies a FQDN as EMAIL HOT 2
- Add Panel Perspective Widget for Pivot Table Functionality HOT 2
- Loading the credentials from msticpyconfig.yaml on SplunkUploader HOT 5
- Integrate IntelOwl as a new TI provider for enrichment HOT 3
- [Bug]: QueryProvider connect method fails to extract IDs from a connection string HOT 2
- [Bug]: Query splitting on a pre-defined query returns a runtime error HOT 2
- [Bug]: Username-Password Credentials in Environmental Variables don't Work HOT 1
- Add certificate based authentication for data provider using an Azure AD Application HOT 3
- [Bug]: AttributeError: 'LogsQueryPartialResult' object has no attribute 'tables' on large response limits. HOT 2
- Username & Password authentication to M365D/MDE as same as Azure Sentinel HOT 2
- [Bug]: KeyError: 'label' when using df.mp.whois HOT 1
- [Bug]: ValueError: endog must have ndim <= 1 HOT 1
- Add Rich Text Editor Widget for Reporting and Documentation Purposes HOT 2
- [Bug]: MSSentinel Provider - No errors thrown for partial query errors when using split_query_by parameter
- [Bug]: Conda installation not working
- Potential Logic Error HOT 3
- What happened to msticpy.iptools?
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from msticpy.