sentinel_source_controls_list
Retrieve all source controls configured in your Microsoft Sentinel workspace to manage security data ingestion and monitoring.
Instructions
List all Sentinel source controls in the current workspace.
Input Schema
TableJSON Schema
| Name | Required | Description | Default |
|---|---|---|---|
| kwargs | Yes |
Implementation Reference
- tools/workspace_tools.py:115-171 (handler)The main execution handler for the 'sentinel_source_controls_list' tool. It retrieves Azure context, lists source controls using the SecurityInsights client, formats them into a dictionary list, and returns a structured result with validation flags and error handling.async def run(self, ctx: Context, **kwargs): """ List all source controls in the current Sentinel workspace. Parameters: None required. (Context is extracted from MCP or environment.) Returns: dict: { 'source_controls': list[dict], 'valid': bool, 'errors': list[str], 'error': str (optional, present only if an error occurs) } Output Fields: - source_controls: List of source control objects (id, name, repo, etc.) - valid: True if successful, False otherwise - errors: List of error messages (empty if none) - error: Error message if an error occurs (optional) Error cases will always include an 'error' key for testability. """ logger = self.logger params = dict(kwargs) if "kwargs" in kwargs and isinstance(kwargs["kwargs"], dict): params.update(kwargs["kwargs"]) workspace_name, resource_group, subscription_id = self.get_azure_context(ctx) result = { "source_controls": [], "valid": False, "errors": [], } try: client = self.get_securityinsight_client(subscription_id) controls = client.source_controls.list(resource_group, workspace_name) controls_list = [] for ctrl in controls: controls_list.append( { "id": getattr(ctrl, "id", None), "name": getattr(ctrl, "name", None), "repo_type": getattr(ctrl, "repo_type", None), "repo_url": getattr(ctrl, "repo_url", None), "description": getattr(ctrl, "description", None), "content_types": getattr(ctrl, "content_types", None), "created_time_utc": str(getattr(ctrl, "created_time_utc", "")), "last_modified_time_utc": str( getattr(ctrl, "last_modified_time_utc", "") ), } ) result["source_controls"] = controls_list result["valid"] = True except Exception as ex: error_msg = "Error listing source controls: %s" % ex logger.exception("%s", error_msg) result["error"] = error_msg result["errors"].append(error_msg) return result
- tools/workspace_tools.py:107-114 (schema)Class definition including the tool name, description, and docstring that serves as input/output schema documentation. Inherits from MCPToolBase which likely provides standard schema handling.class SentinelSourceControlsListTool(MCPToolBase): """ Tool for listing all Sentinel source controls in the current workspace. """ name = "sentinel_source_controls_list" description = "List all Sentinel source controls in the current workspace."
- tools/workspace_tools.py:573-573 (registration)Explicit registration of the SentinelSourceControlsListTool with the MCP server instance.SentinelSourceControlsListTool.register(mcp)