Wiz Audit Logs connector

Important

This feature is in Beta. Workspace admins can control access to this feature from the Previews page. See Manage Azure Databricks previews.

The managed Wiz Audit Logs connector in Lakeflow Connect allows you to ingest audit log entries, issues, and vulnerability findings from Wiz into Azure Databricks.

Feature availability

Feature Availability
UI-based pipeline authoring Green check icon Supported
API-based pipeline authoring Green check icon Supported
Declarative Automation Bundles Green check icon Supported
Incremental ingestion Green check icon Supported
Unity Catalog governance Green check icon Supported
Orchestration using Databricks Workflows Green check icon Supported
SCD type 2 Red X icon Not supported
Wiz audit logs, issues, and vulnerability findings are ingested as an append-only feed.
Automated schema evolution: New and deleted columns Green check icon Supported
Automated schema evolution: Data type changes Red X icon Not supported
Automated schema evolution: Column renames Red X icon Not supported
Requires a full refresh.

Authentication methods

Authentication method Availability
OAuth machine-to-machine (Wiz service account) Green check icon Supported
API token Red X icon Not supported
Basic authentication (username/password) Red X icon Not supported

What to know before you start

Topic Why it matters
Azure Databricks user persona The workflow depends on your Azure Databricks user persona:
  • Single-user: An admin user creates a Unity Catalog connection and an ingestion pipeline.
  • Multi-user: An admin user creates a connection for non-admin users to create pipelines with.
Authentication method The steps to create a connection depend on the authentication method you select.
Interface The steps to create a pipeline depend on the interface.
Ingestion frequency The pipeline schedule depends on your latency and cost requirements.
Common patterns Depending on your ingestion needs, the pipeline might use configurations like history tracking, column selection, and row filtering. Supported configurations vary by connector. See Feature availability.

Start ingesting from Wiz Audit Logs

The following table has an overview of the end-to-end Wiz Audit Logs ingestion flow, based on user type:

User Steps
Admin
Non-admin Use any supported interface to create a pipeline from an existing connection. See Ingest data from Wiz Audit Logs.