Microsoft Sentinel Integration

Featured Image-01
Sophie Dodson

Sophie Dodson

With a background in computer science and graphic design, Sophie is a passionate writer and communicator of all things technical. Hailing from New Zealand, she provides documentation and research, commentary, and analysis on current cybersecurity topics at Fasttrack Software.

Ready to get started? Download the step-by-step guide below.

Is there such a thing as too much security? Not in our books. And that’s why we offer a public REST API to our customers as part of their Admin By Request license: providing the ability to pull data into your own SIEM system for further analysis.

The latest SIEM we’ve built an integration for is Microsoft Sentinel – Microsoft’s “scalable, cloud-native, security information and event management (SIEM) and security orchestration, automation, and response (SOAR) solution”.

What the Integration Offers

With this integration, we’ve set up a hassle-free way to send Auditlog data from your User Portal to Microsoft Sentinel using Azure Logic Apps. It’s quick, painless, and ensures you get the best of both worlds: comprehensive Auditlog data combined with Sentinel’s intelligent security analysis and threat detection capabilities.

How it Works

Microsoft Sentinel offers various ways to consume data from different sources. For this integration, we leverage the power of Azure Logic Apps to consume the Admin By Request Auditlog API and forward each new entry to an Azure Log Analytics Workspace for further Sentinel consumption.

The Azure Logic App requires only a few simple changes before having you up and running with Auditlog data in your Sentinel setup:

  • Set up the workspace
  • Create an Azure Logic App
  • Plug in the code
  • Enter parameters
  • Add some actions
  • Run the app

You can then point your Sentinel setup to use the configured workspace as a data source.

Download the manual below for a step-by-step how-to guide:

Something Missing?

If you’ve identified a bug or have a suggestion for this integration, or another SIEM integration you’d like us to add, contact us here and we’ll see what we can do.

Latest Blogs

Share this blog to your channels:

Latest Blogs


Data Processing | Terms & Conditions | Privacy Policy

Get the Admin By Request Free Plan

Workstation Edition

Fill out the form with your work email and we’ll display your credentials here, as well as send them to your inbox.

Book a Demo

Fill out the form below to request a free demo of our product.