Forum Discussion

john66571's avatar
john66571
Iron Contributor
Mar 13, 2025
Solved

Update content package Metadata

Hello Sentinel community and Microsoft. Ive been working on a script where i use this command: https://learn.microsoft.com/en-us/rest/api/securityinsights/content-package/install?view=rest-security...
apis
automation
Content
siem
soar
  • GaryBushey's avatar
    GaryBushey
    Mar 13, 2025

    As you have stated, that API doesn't work completely (not really sure why it is there).  If you watch what MS Sentinel does when a solution is deployed, it uses "/subscriptions/$($SubscriptionId)/resourcegroups/$($ResourceGroup)/providers/Microsoft.Resources/deployments/" + the deployment name.

     

    Take a look at the All-In-One V2's PowerShell script to see how we used this command to deploy the selected solutions: Azure-Sentinel/Tools/Sentinel-All-In-One/v2 at master · Azure/Azure-Sentinel

GaryBushey's avatar
GaryBushey
Bronze Contributor
Mar 13, 2025

As you have stated, that API doesn't work completely (not really sure why it is there).  If you watch what MS Sentinel does when a solution is deployed, it uses "/subscriptions/$($SubscriptionId)/resourcegroups/$($ResourceGroup)/providers/Microsoft.Resources/deployments/" + the deployment name.

 

Take a look at the All-In-One V2's PowerShell script to see how we used this command to deploy the selected solutions: Azure-Sentinel/Tools/Sentinel-All-In-One/v2 at master · Azure/Azure-Sentinel

Resources