Microsoft Sentinel Integration

Sophie Dodson


A tech-savvy author, seamlessly integrating computer science and computer graphic design expertise for a precision-focused approach in her writing, currently specializing in cybersecurity topics.


Is there such a thing as too much security? Not in our books. And that’s why we offer a public REST API to our customers as part of their Admin By Request license: providing the ability to pull data into your own SIEM system for further analysis.

The latest SIEM we’ve built an integration for is Microsoft Sentinel – Microsoft’s “scalable, cloud-native, security information and event management (SIEM) and security orchestration, automation, and response (SOAR) solution”.

What the Integration Offers

With this integration, we’ve set up a hassle-free way to send Auditlog data from your User Portal to Microsoft Sentinel using Azure Logic Apps. It’s quick, painless, and ensures you get the best of both worlds: comprehensive Auditlog data combined with Sentinel’s intelligent security analysis and threat detection capabilities.

How it Works

Microsoft Sentinel offers various ways to consume data from different sources. For this integration, we use Azure Logic Apps to consume the Admin By Request Auditlog API and forward each new entry to an Azure Log Analytics Workspace, from which Sentinel can consume it.

The Azure Logic App needs only a few simple changes to get you up and running with Auditlog data in your Sentinel setup:

  • Set up the workspace
  • Create an Azure Logic App
  • Plug in the code
  • Enter parameters
  • Add some actions
  • Run the app

You can then point your Sentinel setup to use the configured workspace as a data source.

Download the manual below for a step-by-step how-to guide:

Something Missing?

If you’ve identified a bug or have a suggestion for this integration, or another SIEM integration you’d like us to add, contact us here and we’ll see what we can do.
