You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/sentinel/connect-besecure.md
+12-8Lines changed: 12 additions & 8 deletions
Original file line number
Diff line number
Diff line change
@@ -14,17 +14,17 @@ ms.devlang: na
14
14
ms.topic: how-to
15
15
ms.tgt_pltfrm: na
16
16
ms.workload: na
17
-
ms.date: 10/25/2020
17
+
ms.date: 01/12/2021
18
18
ms.author: yelevin
19
19
20
20
---
21
21
22
22
# Connect your Beyond Security beSECURE to Azure Sentinel
23
23
24
24
> [!IMPORTANT]
25
-
> The Beyond Security beSECURE data connector in Azure Sentinel is currently in public preview. This feature is provided without a service level agreement. For more information, see [Supplemental Terms of Use for Microsoft Azure Previews](https://azure.microsoft.com/support/legal/preview-supplemental-terms/).
25
+
> The Beyond Security beSECURE connector is currently in **PREVIEW**. See the [Supplemental Terms of Use for Microsoft Azure Previews](https://azure.microsoft.com/support/legal/preview-supplemental-terms/) for additional legal terms that apply to Azure features that are in beta, preview, or otherwise not yet released into general availability.
26
26
27
-
Beyond Security beSECURE connector allows you to easily connect all your beSECURE security solution logs with your Azure Sentinel, to view dashboards, create custom alerts, and improve investigation. Integration between beSECURE and Azure Sentinel makes use of REST API.
27
+
The Beyond Security beSECURE connector allows you to easily connect all your beSECURE security solution logs with your Azure Sentinel, to view dashboards, create custom alerts, and improve investigation. Integration between beSECURE and Azure Sentinel makes use of REST API.
28
28
29
29
> [!NOTE]
30
30
> Data will be stored in the geographic location of the workspace on which you are running Azure Sentinel.
@@ -33,7 +33,9 @@ Beyond Security beSECURE connector allows you to easily connect all your beSECUR
33
33
34
34
beSECURE can integrate with and export logs directly to Azure Sentinel.
35
35
36
-
1. In the Azure Sentinel portal, click **Data connectors** and select **Beyond Security beSECURE (Preview)** and then **Open connector page**.
36
+
1. In the Azure Sentinel navigation menu, select **Data connectors**.
37
+
38
+
1. From the **Data connectors** gallery, select **Beyond Security beSECURE (Preview)** and then **Open connector page**.
37
39
38
40
1. Follow the steps below to configure your beSECURE solution to send out scan results, scan status and audit trail logs to Azure Sentinel.
39
41
@@ -46,8 +48,10 @@ beSECURE can integrate with and export logs directly to Azure Sentinel.
46
48
47
49
1. Enable Azure Sentinel
48
50
49
-
**Provide beSECURE with Azure Sentinel settings.**
50
-
- Copy the *Workspace ID* and *Primary Key* values from the Azure Sentinel connector page, paste them in the beSECURE configuration, and click **Modify**.
51
+
**Provide beSECURE with Azure Sentinel settings:**
52
+
53
+
:::image type="content" source="media/connectors/workspace-id-primary-key.png" alt-text="{Workspace ID and primary key}":::
54
+
Copy the *Workspace ID* and *Primary Key* values from the Azure Sentinel connector page, paste them in the beSECURE configuration, and click **Modify**.
51
55
52
56
## Find your data
53
57
@@ -56,13 +60,13 @@ After a successful connection is established, the data appears in **Logs**, unde
56
60
-`beSECURE_ScanEvents_CL`
57
61
-`beSECURE_Audit_CL`
58
62
59
-
To query the beSECURE logs in Log Analytics, enter one of the above table names at the top of the query window.
63
+
To query the beSECURE logs in analytics rules, hunting queries, investigations, or anywhere else in Azure Sentinel, enter one of the above table names at the top of the query window.
60
64
61
65
## Validate connectivity
62
66
It may take up to 20 minutes until your logs start to appear in Log Analytics.
63
67
64
68
## Next steps
65
69
In this document, you learned how to connect beSECURE to Azure Sentinel. To learn more about Azure Sentinel, see the following articles:
66
-
- Learn how to [get visibility into your data, and potential threats](quickstart-get-visibility.md).
70
+
- Learn how to [get visibility into your data and potential threats](quickstart-get-visibility.md).
67
71
- Get started [detecting threats with Azure Sentinel](tutorial-detect-threats-built-in.md).
68
72
-[Use workbooks](tutorial-monitor-your-data.md) to monitor your data.
title: Connect BETTER Mobile Threat Defense (MTD) to Azure Sentinel | Microsoft Docs
3
+
description: Learn how to use the BETTER Mobile Threat Defense (MTD) data connector to pull MTD logs into Azure Sentinel. View MTD data in workbooks, create alerts, and improve investigation.
4
+
services: sentinel
5
+
documentationcenter: na
6
+
author: yelevin
7
+
manager: rkarlin
8
+
editor: ''
9
+
10
+
ms.assetid: 0001cad6-699c-4ca9-b66c-80c194e439a5
11
+
ms.service: azure-sentinel
12
+
ms.subservice: azure-sentinel
13
+
ms.devlang: na
14
+
ms.topic: how-to
15
+
ms.tgt_pltfrm: na
16
+
ms.workload: na
17
+
ms.date: 01/12/2021
18
+
ms.author: yelevin
19
+
20
+
---
21
+
22
+
# Connect your BETTER Mobile Threat Defense (MTD) to Azure Sentinel
23
+
24
+
> [!IMPORTANT]
25
+
> The BETTER Mobile Threat Defense (MTD) connector is currently in **PREVIEW**. See the [Supplemental Terms of Use for Microsoft Azure Previews](https://azure.microsoft.com/support/legal/preview-supplemental-terms/) for additional legal terms that apply to Azure features that are in beta, preview, or otherwise not yet released into general availability.
26
+
27
+
The BETTER Mobile Threat Defense (MTD) connector allows you to easily connect all your BETTER MTD security solution logs with your Azure Sentinel, to view dashboards, create custom alerts, and improve investigation. Integration between BETTER Mobile Threat Defense and Azure Sentinel makes use of REST API.
28
+
29
+
> [!NOTE]
30
+
> Data will be stored in the geographic location of the workspace on which you are running Azure Sentinel.
31
+
32
+
## Configure and connect BETTER Mobile Threat Defense
33
+
34
+
BETTER MTD can integrate and export logs directly to Azure Sentinel.
35
+
36
+
1. In the Azure Sentinel navigation menu, select **Data connectors**.
37
+
38
+
1. From the **Data connectors** gallery, select **BETTER Mobile Threat Defense (MTD) (Preview)** and then **Open connector page**.
39
+
40
+
1. Follow the steps on the connector page and on [this page from the BETTER MTD Documentation](https://mtd-docs.bmobi.net/integrations/azure-sentinel/setup-integration#mtd-integration-configuration) to finalize the integration on BETTER MTD Console.
41
+
42
+
When requested to enter the **Workspace ID** and **Primary Key** values, copy them from the Azure Sentinel connector page and paste them into the BETTER MTD configuration.
43
+
44
+
:::image type="content" source="media/connectors/workspace-id-primary-key.png" alt-text="{Workspace ID and primary key}":::
45
+
46
+
## Find your data
47
+
48
+
After a successful connection is established, the data appears in **Logs**, under the **CustomLogs** section, in one or more of the following tables:
49
+
-`BetterMTDDeviceLog_CL`
50
+
-`BetterMTDIncidentLog_CL`
51
+
-`BetterMTDAppLog_CL`
52
+
-`BetterMTDNetflowLog_CL`
53
+
54
+
To query the BETTER MTD logs in analytics rules, hunting queries, or anywhere else in Azure Sentinel, enter one of the above table names at the top of the query window.
55
+
56
+
## Validate connectivity
57
+
58
+
It may take up to 20 minutes until your logs start to appear in Log Analytics.
59
+
60
+
## Next steps
61
+
62
+
In this document, you learned how to connect BETTER Mobile Threat Defense (MTD) to Azure Sentinel. To learn more about Azure Sentinel, see the following articles:
63
+
- Learn how to [get visibility into your data and potential threats](quickstart-get-visibility.md).
64
+
- Get started [detecting threats with Azure Sentinel](tutorial-detect-threats-built-in.md).
65
+
-[Use workbooks](tutorial-monitor-your-data.md) to monitor your data.
title: Connect Cisco Umbrella to Azure Sentinel | Microsoft Docs
3
+
description: Learn how to use the Cisco Umbrella data connector to pull Umbrella data into Azure Sentinel. View Umbrella data in workbooks, create alerts, and improve investigation.
4
+
services: sentinel
5
+
documentationcenter: na
6
+
author: yelevin
7
+
manager: rkarlin
8
+
editor: ''
9
+
10
+
ms.assetid: 0001cad6-699c-4ca9-b66c-80c194e439a5
11
+
ms.service: azure-sentinel
12
+
ms.subservice: azure-sentinel
13
+
ms.devlang: na
14
+
ms.topic: how-to
15
+
ms.tgt_pltfrm: na
16
+
ms.workload: na
17
+
ms.date: 01/12/2021
18
+
ms.author: yelevin
19
+
20
+
---
21
+
# Connect your Cisco Umbrella to Azure Sentinel
22
+
23
+
> [!IMPORTANT]
24
+
> The Cisco Umbrella connector is currently in **PREVIEW**. See the [Supplemental Terms of Use for Microsoft Azure Previews](https://azure.microsoft.com/support/legal/preview-supplemental-terms/) for additional legal terms that apply to Azure features that are in beta, preview, or otherwise not yet released into general availability.
25
+
26
+
The Cisco Umbrella connector allows you to easily connect all your Cisco Umbrella security solution logs with your Azure Sentinel, to view dashboards, create custom alerts, and improve investigation. Integration between Cisco Umbrella and Azure Sentinel makes use of REST API.
27
+
28
+
> [!NOTE]
29
+
> Data will be stored in the geographic location of the workspace on which you are running Azure Sentinel.
30
+
31
+
## Configure and connect Cisco Umbrella
32
+
33
+
Cisco Umbrella can integrate and export logs directly to Azure Sentinel.
34
+
35
+
1. In the Azure Sentinel navigation menu, select **Data connectors**.
36
+
37
+
1. From the **Data connectors** gallery, select **Cisco Umbrella (Preview)** and then **Open connector page**.
38
+
39
+
1. Follow the steps described in the **Configuration** section of the connector page.
40
+
41
+
## Find your data
42
+
43
+
After a successful connection is established, the data appears in **Logs**, under the **CustomLogs** section, in one or more of the following tables:
44
+
-`Cisco_Umbrella_dns_CL`
45
+
-`Cisco_Umbrella_proxy_CL`
46
+
-`Cisco_Umbrella_ip_CL`
47
+
-`Cisco_Umbrella_cloudfirewall_CL`
48
+
49
+
## Validate connectivity
50
+
51
+
It may take up to 20 minutes until your logs start to appear in Log Analytics.
52
+
53
+
## Next steps
54
+
55
+
In this document, you learned how to connect Cisco Umbrella data to Azure Sentinel. To learn more about Azure Sentinel, see the following articles:
56
+
- Learn how to [get visibility into your data and potential threats](quickstart-get-visibility.md).
57
+
- Get started [detecting threats with Azure Sentinel](tutorial-detect-threats-built-in.md).
58
+
-[Use workbooks](tutorial-monitor-your-data.md) to monitor your data.
title: Connect Trend Micro TippingPoint to Azure Sentinel | Microsoft Docs
3
+
description: Learn how to use the Trend Micro TippingPoint data connector to pull TippingPoint SMS logs into Azure Sentinel. View TippingPoint data in workbooks, create alerts, and improve investigation.
4
+
services: sentinel
5
+
documentationcenter: na
6
+
author: yelevin
7
+
manager: rkarlin
8
+
editor: ''
9
+
10
+
ms.assetid: 0001cad6-699c-4ca9-b66c-80c194e439a5
11
+
ms.service: azure-sentinel
12
+
ms.subservice: azure-sentinel
13
+
ms.devlang: na
14
+
ms.topic: how-to
15
+
ms.tgt_pltfrm: na
16
+
ms.workload: na
17
+
ms.date: 01/12/2021
18
+
ms.author: yelevin
19
+
20
+
---
21
+
# Connect Trend Micro TippingPoint
22
+
23
+
The Trend Micro TippingPoint connector lets you easily connect your TippingPoint SMS logs with Azure Sentinel, to view dashboards, create custom alerts, and improve investigation. This gives you more insight into your organization's networks and systems, and improves your security operation capabilities.
24
+
25
+
## Prerequisites
26
+
27
+
- Read and write permissions to the Azure Sentinel workspace.
28
+
29
+
## Connect Azure Sentinel to Trend Micro TippingPoint
30
+
31
+
1. In the Azure portal, navigate to **Azure Sentinel** > **Data connectors** and then select the **Trend Micro TippingPoint** connector.
32
+
33
+
2. Select **Open connector page**.
34
+
35
+
3. Follow the instructions and next steps.
36
+
37
+
## Next steps
38
+
39
+
In this document, you learned how to connect Trend Micro TippingPoint to Azure Sentinel. To learn more about Azure Sentinel, see the following articles:
40
+
- Learn how to [get visibility into your data, and potential threats](quickstart-get-visibility.md).
41
+
- Get started [detecting threats with Azure Sentinel](tutorial-detect-threats-built-in.md).
42
+
-[Use workbooks](tutorial-monitor-your-data.md) to monitor your data.
0 commit comments