You can configure the Scan Result Topic to notify you when a scan occurs. The Scan Result
Topic is a resource of Azure Service Bus Topic.
To be notified through the Scan Result Topic, you need to create a subscription of
the topic. Follow the steps to find the required information of the Scan Result
Topic in the storage stack resource group and create a subscription of the
topic:
Procedure
- In Azure portal, go to Resource groups > your storage stack > Overview
- The Service Bus Namespace of the Scan Result Topic is the Service Bus Namespace
resource that has a
tmsrt0prefix. - Go to the Service Bus Namespace > Topics. You can see Scan
Result Topic named as
scan-result-topic. - Go to the Scan Result Topic > Subscriptions. Select +
Subscription. Enter the required parameters:
- Name: The subscription name
- Max delivery count: The maximum count for which the service bus subscription will deliver each message
Select Create. - You can see the created subscription listed in the subscription list.
What to do next
By using Azure Service Bus trigger for Azure Functions, you can create an Azure
function app to process the scan results. Here is an example for creating an Azure
function app to promote or quarantine the scanned files: Post-Scan Action: Promote or Quarantine.
By using Azure Logic Apps, you can add a Service Bus Trigger and configure the downstream actions you would
like to take when receiving a scan result from the Scan Result Topic. When
configuring the trigger, choose the one with When a message is received in a
topic subscription (auto-complete).
For details of the scan result format in Scan Result Topic, see scan result
format.