Sonrai Data connector for Microsoft Sentinel
Use this data connector to integrate with Sonrai Security and get Sonrai tickets sent directly to Microsoft Sentinel.
Connector attributes
Connector attribute | Description |
---|---|
Log Analytics table(s) | Sonrai_Tickets_CL |
Data collection rules support | Not currently supported |
Supported by | Sonrai |
Query samples
Query for tickets with AWSS3ObjectFingerprint resource type.
Sonrai_Tickets_CL
| where digest_resourceType_s == "AWSS3ObjectFingerprint"
| limit 10
Vendor installation instructions
Sonrai Security Data Connector
- Navigate to Sonrai Security dashboard.
- On the bottom left panel, click on integrations.
- Select Microsoft Sentinel from the list of available Integrations.
- Fill in the form using the information provided below.
Next steps
For more information, go to the related solution in the Azure Marketplace.
Feedback
https://aka.ms/ContentUserFeedback.
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see:Submit and view feedback for