importing rules with import-azsentinelalertrules does not work

Question

importing rules with import-azsentinelalertrules does not work

ssi0202 opened this issue 5 years ago · 1 comments

hi

what am i doing wrong here, it works for if I used the import-AzsentinelHuntingRule from the detections folder. and everything gets loaded up, ok
if i do the same from the detection folder with import-azsentinelAlertrule i get this error, is there something i missed or what?

the sentinel is in a seperate resource group but the the permissions, and the fact that everything works when i use the import-azsentinelHuntingRule makes it really wired that this is even an issue.

Import-AzSentinelAlertRule -SettingsFile "sentinel_attack_rules.json"

cmdlet Import-AzSentinelAlertRule at command pipeline position 1
Supply values for the following parameters:
WorkspaceName: XXXXXXXXXX
Import-AzSentinelAlertRule : Unable to connect to APi to get Analytic rules with message: The gateway did not receive a response from 'Microsoft.SecurityInsights' within the specified time period.
At line:1 char:1
+ Import-AzSentinelAlertRule -SettingsFile "sentinel_attack_rules.json"
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo          : NotSpecified: (:) [Write-Error], WriteErrorException
+ FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,Import-AzSentinelAlertRule

Answer 1 · 2019-11-19T12:22:34.000Z

it works now please close