This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.

Commit 414b126

committed Jan 13, 2021
First draft
1 parent 50a8c77 commit 414b126

5 files changed

+177
-8
lines changed


articles/sentinel/connect-besecure.md

Lines changed: 12 additions & 8 deletions
@@ -14,17 +14,17 @@ ms.devlang: na
1414
ms.topic: how-to
1515
ms.tgt_pltfrm: na
1616
ms.workload: na
17-
ms.date: 10/25/2020
17+
ms.date: 01/12/2021
1818
ms.author: yelevin
1919

2020
---
2121

2222
# Connect your Beyond Security beSECURE to Azure Sentinel
2323

2424
> [!IMPORTANT]
25-
> The Beyond Security beSECURE data connector in Azure Sentinel is currently in public preview. This feature is provided without a service level agreement. For more information, see [Supplemental Terms of Use for Microsoft Azure Previews](https://azure.microsoft.com/support/legal/preview-supplemental-terms/).
25+
> The Beyond Security beSECURE connector is currently in **PREVIEW**. See the [Supplemental Terms of Use for Microsoft Azure Previews](https://azure.microsoft.com/support/legal/preview-supplemental-terms/) for additional legal terms that apply to Azure features that are in beta, preview, or otherwise not yet released into general availability.
2626
27-
Beyond Security beSECURE connector allows you to easily connect all your beSECURE security solution logs with your Azure Sentinel, to view dashboards, create custom alerts, and improve investigation. Integration between beSECURE and Azure Sentinel makes use of REST API.
27+
The Beyond Security beSECURE connector allows you to easily connect all your beSECURE security solution logs with your Azure Sentinel, to view dashboards, create custom alerts, and improve investigation. Integration between beSECURE and Azure Sentinel makes use of REST API.
2828

2929
> [!NOTE]
3030
> Data will be stored in the geographic location of the workspace on which you are running Azure Sentinel.
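Review bot: The rewritten IMPORTANT note on new line 25 drops the sentence "This feature is provided without a service level agreement" that the old text stated outright, so readers now have to follow the Supplemental Terms link to learn it. If the removal is deliberate to match the standard preview wording, fine; otherwise keep the SLA sentence. While line 27 is being touched, "with your Azure Sentinel" and "makes use of REST API" could also be tightened, for example to "with Azure Sentinel" and "uses a REST API".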
@@ -33,7 +33,9 @@ Beyond Security beSECURE connector allows you to easily connect all your beSECUR
3333

3434
beSECURE can integrate with and export logs directly to Azure Sentinel.
3535

36-
1. In the Azure Sentinel portal, click **Data connectors** and select **Beyond Security beSECURE (Preview)** and then **Open connector page**.
36+
1. In the Azure Sentinel navigation menu, select **Data connectors**.
37+
38+
1. From the **Data connectors** gallery, select **Beyond Security beSECURE (Preview)** and then **Open connector page**.
3739

3840
1. Follow the steps below to configure your beSECURE solution to send out scan results, scan status and audit trail logs to Azure Sentinel.
3941

@@ -46,8 +48,10 @@ beSECURE can integrate with and export logs directly to Azure Sentinel.
4648

4749
1. Enable Azure Sentinel
4850

49-
**Provide beSECURE with Azure Sentinel settings.**
50-
- Copy the *Workspace ID* and *Primary Key* values from the Azure Sentinel connector page, paste them in the beSECURE configuration, and click **Modify**.
51+
**Provide beSECURE with Azure Sentinel settings:**
52+
53+
:::image type="content" source="media/connectors/workspace-id-primary-key.png" alt-text="{Workspace ID and primary key}":::
54+
Copy the *Workspace ID* and *Primary Key* values from the Azure Sentinel connector page, paste them in the beSECURE configuration, and click **Modify**.
5155

5256
## Find your data
5357
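Review bot: The alt-text on new line 53, "{Workspace ID and primary key}", still carries curly braces that look like a template placeholder; drop them so screen readers get plain text (the same string is used in the new BETTER MTD article in this commit). The old bullet on line 50 also became an unbulleted sentence on line 54, placed after the screenshot, so check how it renders under step "1. Enable Azure Sentinel" and consider putting the instruction before the image it describes.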

@@ -56,13 +60,13 @@ After a successful connection is established, the data appears in **Logs**, unde
5660
- `beSECURE_ScanEvents_CL`
5761
- `beSECURE_Audit_CL`
5862

59-
To query the beSECURE logs in Log Analytics, enter one of the above table names at the top of the query window.
63+
To query the beSECURE logs in analytics rules, hunting queries, investigations, or anywhere else in Azure Sentinel, enter one of the above table names at the top of the query window.
6064

6165
## Validate connectivity
6266
It may take up to 20 minutes until your logs start to appear in Log Analytics.
6367

6468
## Next steps
6569
In this document, you learned how to connect beSECURE to Azure Sentinel. To learn more about Azure Sentinel, see the following articles:
66-
- Learn how to [get visibility into your data, and potential threats](quickstart-get-visibility.md).
70+
- Learn how to [get visibility into your data and potential threats](quickstart-get-visibility.md).
6771
- Get started [detecting threats with Azure Sentinel](tutorial-detect-threats-built-in.md).
6872
- [Use workbooks](tutorial-monitor-your-data.md) to monitor your data.
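Review bot: New line 63 lists "analytics rules, hunting queries, investigations, or anywhere else in Azure Sentinel", while the matching sentence in the new BETTER MTD article in this commit (its line 54) omits "investigations"; pick one wording for both. The sentence still ends with "at the top of the query window", which fit the old Log Analytics wording better than the broader list, and the unchanged line 66 under "Validate connectivity" still says "Log Analytics", so the two sections now name the query surface differently.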
Lines changed: 65 additions & 0 deletions
@@ -0,0 +1,65 @@
1+
---
2+
title: Connect BETTER Mobile Threat Defense (MTD) to Azure Sentinel | Microsoft Docs
3+
description: Learn how to use the BETTER Mobile Threat Defense (MTD) data connector to pull MTD logs into Azure Sentinel. View MTD data in workbooks, create alerts, and improve investigation.
4+
services: sentinel
5+
documentationcenter: na
6+
author: yelevin
7+
manager: rkarlin
8+
editor: ''
9+
10+
ms.assetid: 0001cad6-699c-4ca9-b66c-80c194e439a5
11+
ms.service: azure-sentinel
12+
ms.subservice: azure-sentinel
13+
ms.devlang: na
14+
ms.topic: how-to
15+
ms.tgt_pltfrm: na
16+
ms.workload: na
17+
ms.date: 01/12/2021
18+
ms.author: yelevin
19+
20+
---
21+
22+
# Connect your BETTER Mobile Threat Defense (MTD) to Azure Sentinel
23+
24+
> [!IMPORTANT]
25+
> The BETTER Mobile Threat Defense (MTD) connector is currently in **PREVIEW**. See the [Supplemental Terms of Use for Microsoft Azure Previews](https://azure.microsoft.com/support/legal/preview-supplemental-terms/) for additional legal terms that apply to Azure features that are in beta, preview, or otherwise not yet released into general availability.
26+
27+
The BETTER Mobile Threat Defense (MTD) connector allows you to easily connect all your BETTER MTD security solution logs with your Azure Sentinel, to view dashboards, create custom alerts, and improve investigation. Integration between BETTER Mobile Threat Defense and Azure Sentinel makes use of REST API.
28+
29+
> [!NOTE]
30+
> Data will be stored in the geographic location of the workspace on which you are running Azure Sentinel.
31+
32+
## Configure and connect BETTER Mobile Threat Defense
33+
34+
BETTER MTD can integrate and export logs directly to Azure Sentinel.
35+
36+
1. In the Azure Sentinel navigation menu, select **Data connectors**.
37+
38+
1. From the **Data connectors** gallery, select **BETTER Mobile Threat Defense (MTD) (Preview)** and then **Open connector page**.
39+
40+
1. Follow the steps on the connector page and on [this page from the BETTER MTD Documentation](https://mtd-docs.bmobi.net/integrations/azure-sentinel/setup-integration#mtd-integration-configuration) to finalize the integration on BETTER MTD Console.
41+
42+
When requested to enter the **Workspace ID** and **Primary Key** values, copy them from the Azure Sentinel connector page and paste them into the BETTER MTD configuration.
43+
44+
:::image type="content" source="media/connectors/workspace-id-primary-key.png" alt-text="{Workspace ID and primary key}":::
45+
46+
## Find your data
47+
48+
After a successful connection is established, the data appears in **Logs**, under the **CustomLogs** section, in one or more of the following tables:
49+
- `BetterMTDDeviceLog_CL`
50+
- `BetterMTDIncidentLog_CL`
51+
- `BetterMTDAppLog_CL`
52+
- `BetterMTDNetflowLog_CL`
53+
54+
To query the BETTER MTD logs in analytics rules, hunting queries, or anywhere else in Azure Sentinel, enter one of the above table names at the top of the query window.
55+
56+
## Validate connectivity
57+
58+
It may take up to 20 minutes until your logs start to appear in Log Analytics.
59+
60+
## Next steps
61+
62+
In this document, you learned how to connect BETTER Mobile Threat Defense (MTD) to Azure Sentinel. To learn more about Azure Sentinel, see the following articles:
63+
- Learn how to [get visibility into your data and potential threats](quickstart-get-visibility.md).
64+
- Get started [detecting threats with Azure Sentinel](tutorial-detect-threats-built-in.md).
65+
- [Use workbooks](tutorial-monitor-your-data.md) to monitor your data.
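Review bot: Line 42 tells the reader to copy the "Workspace ID" and "Primary Key" values into the BETTER MTD configuration without saying that the primary key is a credential for the workspace. Suggest a short note next to it to treat the key as a secret (keep it out of tickets and screenshots, regenerate it if it is exposed), and confirm that the image referenced on line 44 does not show real values. Lines 42 and 44 also follow numbered step 3 as separate paragraphs, so check that they are indented to render inside that step.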
Lines changed: 58 additions & 0 deletions
@@ -0,0 +1,58 @@
1+
---
2+
title: Connect Cisco Umbrella to Azure Sentinel | Microsoft Docs
3+
description: Learn how to use the Cisco Umbrella data connector to pull Umbrella data into Azure Sentinel. View Umbrella data in workbooks, create alerts, and improve investigation.
4+
services: sentinel
5+
documentationcenter: na
6+
author: yelevin
7+
manager: rkarlin
8+
editor: ''
9+
10+
ms.assetid: 0001cad6-699c-4ca9-b66c-80c194e439a5
11+
ms.service: azure-sentinel
12+
ms.subservice: azure-sentinel
13+
ms.devlang: na
14+
ms.topic: how-to
15+
ms.tgt_pltfrm: na
16+
ms.workload: na
17+
ms.date: 01/12/2021
18+
ms.author: yelevin
19+
20+
---
21+
# Connect your Cisco Umbrella to Azure Sentinel
22+
23+
> [!IMPORTANT]
24+
> The Cisco Umbrella connector is currently in **PREVIEW**. See the [Supplemental Terms of Use for Microsoft Azure Previews](https://azure.microsoft.com/support/legal/preview-supplemental-terms/) for additional legal terms that apply to Azure features that are in beta, preview, or otherwise not yet released into general availability.
25+
26+
The Cisco Umbrella connector allows you to easily connect all your Cisco Umbrella security solution logs with your Azure Sentinel, to view dashboards, create custom alerts, and improve investigation. Integration between Cisco Umbrella and Azure Sentinel makes use of REST API.
27+
28+
> [!NOTE]
29+
> Data will be stored in the geographic location of the workspace on which you are running Azure Sentinel.
30+
31+
## Configure and connect Cisco Umbrella
32+
33+
Cisco Umbrella can integrate and export logs directly to Azure Sentinel.
34+
35+
1. In the Azure Sentinel navigation menu, select **Data connectors**.
36+
37+
1. From the **Data connectors** gallery, select **Cisco Umbrella (Preview)** and then **Open connector page**.
38+
39+
1. Follow the steps described in the **Configuration** section of the connector page.
40+
41+
## Find your data
42+
43+
After a successful connection is established, the data appears in **Logs**, under the **CustomLogs** section, in one or more of the following tables:
44+
- `Cisco_Umbrella_dns_CL`
45+
- `Cisco_Umbrella_proxy_CL`
46+
- `Cisco_Umbrella_ip_CL`
47+
- `Cisco_Umbrella_cloudfirewall_CL`
48+
49+
## Validate connectivity
50+
51+
It may take up to 20 minutes until your logs start to appear in Log Analytics.
52+
53+
## Next steps
54+
55+
In this document, you learned how to connect Cisco Umbrella data to Azure Sentinel. To learn more about Azure Sentinel, see the following articles:
56+
- Learn how to [get visibility into your data and potential threats](quickstart-get-visibility.md).
57+
- Get started [detecting threats with Azure Sentinel](tutorial-detect-threats-built-in.md).
58+
- [Use workbooks](tutorial-monitor-your-data.md) to monitor your data.
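Review bot: The ms.assetid on line 10, 0001cad6-699c-4ca9-b66c-80c194e439a5, is the same GUID used in the new BETTER MTD and Trend Micro TippingPoint articles in this commit; it looks copied from a template, and if ms.assetid is meant to identify a single article, each file needs its own value. Under "Find your data" this file also stops after the table list on line 47 and lacks the "To query the ... logs" sentence that the beSECURE and BETTER MTD articles carry.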
Lines changed: 42 additions & 0 deletions
@@ -0,0 +1,42 @@
1+
---
2+
title: Connect Trend Micro TippingPoint to Azure Sentinel | Microsoft Docs
3+
description: Learn how to use the Trend Micro TippingPoint data connector to pull TippingPoint SMS logs into Azure Sentinel. View TippingPoint data in workbooks, create alerts, and improve investigation.
4+
services: sentinel
5+
documentationcenter: na
6+
author: yelevin
7+
manager: rkarlin
8+
editor: ''
9+
10+
ms.assetid: 0001cad6-699c-4ca9-b66c-80c194e439a5
11+
ms.service: azure-sentinel
12+
ms.subservice: azure-sentinel
13+
ms.devlang: na
14+
ms.topic: how-to
15+
ms.tgt_pltfrm: na
16+
ms.workload: na
17+
ms.date: 01/12/2021
18+
ms.author: yelevin
19+
20+
---
21+
# Connect Trend Micro TippingPoint
22+
23+
The Trend Micro TippingPoint connector lets you easily connect your TippingPoint SMS logs with Azure Sentinel, to view dashboards, create custom alerts, and improve investigation. This gives you more insight into your organization's networks and systems, and improves your security operation capabilities.
24+
25+
## Prerequisites
26+
27+
- Read and write permissions to the Azure Sentinel workspace.
28+
29+
## Connect Azure Sentinel to Trend Micro TippingPoint
30+
31+
1. In the Azure portal, navigate to **Azure Sentinel** > **Data connectors** and then select the **Trend Micro TippingPoint** connector.
32+
33+
2. Select **Open connector page**.
34+
35+
3. Follow the instructions and next steps.
36+
37+
## Next steps
38+
39+
In this document, you learned how to connect Trend Micro TippingPoint to Azure Sentinel. To learn more about Azure Sentinel, see the following articles:
40+
- Learn how to [get visibility into your data, and potential threats](quickstart-get-visibility.md).
41+
- Get started [detecting threats with Azure Sentinel](tutorial-detect-threats-built-in.md).
42+
- [Use workbooks](tutorial-monitor-your-data.md) to monitor your data.
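Review bot: Unlike the other connector articles in this commit, this one has no "Find your data" or "Validate connectivity" section, so a reader who finishes step 3 on line 35 ("Follow the instructions and next steps.") is not told which table the TippingPoint SMS logs land in; add the table name or say where to find it. Two consistency points: the H1 on line 21 omits "to Azure Sentinel" although the title on line 2 has it, and line 40 keeps the comma in "your data, and potential threats" that this same commit removes from connect-besecure.md.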