GitHub Repository: Azure/Azure-Sentinel-Notebooks
Path: blob/master/sentinel-lake-notebooks/retroactive-hunting-notebook/TI-Retroactive-Hunting.job.yaml
jobName: TI-Retroactive-Hunting
jobType: Notebook
jobPath: TI-Retroactive-Hunting.ipynb
jobDescription: |-
  This notebook correlates Threat Intelligence Indicators, from the
  ThreatIntelIndicators table with log data from multiple sources over a
  configurable lookback period, aggregates matches by TI indicator, and saves
  results to a managed table for further analysis.
scheduleConfig:
  isDisabled: false
  startTime: '2025-10-01T17:00:00.000+00:00'
  endTime: '2025-10-03T17:00:00.000+00:00'
  repeatFrequency: Days
  interval: 1
computeInfo:
  nodeSize: large
  driverCores: 16
  driverMemory: 112GB
  executorCores: 16
  executorMemory: 112GB
  isExecutorAutoScale: false
  executorMinCount: 4
  executorMaxCount: 4
  friendlyName: large pool (80 vCores)
inputTables: []
outputTables: []
runtimeArgs: []
isDisabled: false