Unable to deploy "Atlassian Confluence Audit (via Codeless Connector Platform)" data connector on Microsoft Sentinel

Question

I am unable to deploy "Atlassian Confluence Audit (via Codeless Connector Platform)"data connector on Azure Sentinel. Getting following error message:

Connectivity check failed. ConnectorId: ConfluenceAuditCCPPolling, Status code:Unauthorized, Message:Call failed with status code 401 (Unauthorized): GET https://companyname.atlassian.net/wiki/rest/api/audit?startDate=1762495505090&endDate=1762495805090

I have created a service account on admin.atlassian.net. I have given service account "App Admin" permission to Confluence and Jira. I have also created an API Token on the service account and granted it read:audit-log:jira/read:audit-log:conflence scope.

When I go to "Atlassian Confluence Audit (via Codeless Connector Platform)" data connector on  Azure Sentinel and click on add organization, it asks for 3 details - organization url, service account email, and API Token. I am providing these details and made sure that service account have correct permission but I am still getting the error message that I have shared above. Can someone please advise.

Answer 1

Hi Hasan,

Thank you for posting your query on Microsoft Q&A.

If you are having trouble deploying the Atlassian Confluence Audit data connector in Microsoft Sentinel, here are clear and practical steps to check:

1. Make sure the service account and API token you use have the right permissions in Atlassian Confluence, usually, admin access is required to read audit logs.
2. Verify that the Atlassian organization URL you entered matches your cloud instance exactly (for example, https://yourdomain.atlassian.net), with no extra slashes or typos.
3. Be aware that Atlassian enforces API rate limits—too many requests too fast may cause data retrieval issues. Try to space out connector queries if needed.
4. The connector is still in preview, so some functionality might be limited. Ensure your Azure resources (Log Analytics workspace etc.) have proper permissions for the connector to write data.
5. Test API connectivity manually with tools like Postman, to confirm your token and service account can access audit logs.
6. After deployment, give the system a few minutes to start showing data. Check for custom tables like ConfluenceAuditLogs_CL in your Sentinel workspace.

If problems continue, verify network restrictions aren’t blocking the connector and review error logs in Sentinel for more clues.

Useful links to help:

Microsoft Sentinel data connectors | Microsoft Learn

Troubleshoot solutions in Microsoft Sentinel | Microsoft Learn

I hope this information is helpful. Please feel free to reach out if you have any further questions. If the answer is helpful, please click "Accept Answer" and kindly upvote it.