Skip to content

[Microsoft Sentinel] Migrate save expectation traces to new bulk endpoint #146

New issue
New issue
Open
Open
[Microsoft Sentinel] Migrate save expectation traces to new bulk endpoint#146
Labels
featureuse for describing a new feature to developneeds triageuse to identify issue needing triage from Filigran Product team
@impolitepanda

Description

@impolitepanda
impolitepanda
opened on May 5, 2025

Use case

To improve performances, a new endpoint has been created on the OpenBAS API which allows the insertion of expectation traces in bulk rather than one by one.

Current Workaround

None

Proposed Solution

This collector needs to be migrated so that we can remove the now deprecated singular insert endpoint and improve its stability and performances

Additional Information

Work was already done in the Crowdstrike collector and should be adapted in a similar way.
#129

Metadata

Metadata

Assignees

No one assigned

    Labels

    featureuse for describing a new feature to developneeds triageuse to identify issue needing triage from Filigran Product team

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions