NafilaAfrin-7897 asked

Upguard Integration with Azure Sentinel

Hi,

  1. How can we integrate Upguard (cyber vendor risk management and digital risk protection service platform) with Azure Sentinel? Is there any API available?

  2. Can we pull the logs from Exchange (mail) and send them to Sentinel?

Thanks in advance



microsoft-sentinel

vipulsparsh-MSFT answered

@NafilaAfrin-7897 Thanks for reaching out.


1) Yes, we do have APIs for various tasks within Sentinel, such as:
Azure Sentinel Management API
Microsoft Graph Security API
Log Analytics API
HTTP Data Collector API

Read more about the APIs and their uses here: https://techcommunity.microsoft.com/t5/azure-sentinel/azure-sentinel-api-101/ba-p/1438928
You will most likely need to use the HTTP Data Collector API or the Log Analytics API if your end service uses REST calls.


2) Yes, you can certainly pull the logs from Exchange servers. For that, you need to install a Log Analytics agent on the Exchange server and select the logs you want from that server.

A detailed guide for this is mentioned at: https://azurecloudai.blog/2021/03/03/how-to-use-azure-sentinel-to-protect-against-the-exchange-zero-day/




Please remember to "Accept Answer" if any answer/reply helped, so that others in the community facing similar issues can easily find the solution.
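An added example, not part of the answer above and not Microsoft's or UpGuard's code: how a connector script would sign and build one POST to the HTTP Data Collector API so that records pulled from a vendor's REST API land in a custom Sentinel table. The record fields, the `VendorRisk` table name, and the workspace ID and key are constructed placeholders.

```python
import base64
import hashlib
import hmac
import json
import urllib.request
from email.utils import formatdate

API_PATH = "/api/logs"
CONTENT_TYPE = "application/json"


def string_to_sign(content_length, rfc1123_date):
    # Documented layout: verb, body length, content type, x-ms-date header, resource path.
    return f"POST\n{content_length}\n{CONTENT_TYPE}\nx-ms-date:{rfc1123_date}\n{API_PATH}"


def build_request(workspace_id, shared_key_b64, log_type, records, rfc1123_date=None):
    """Return (url, headers, body) for one HTTP Data Collector API POST."""
    body = json.dumps(records).encode("utf-8")
    date = rfc1123_date or formatdate(usegmt=True)
    # The workspace key is base64 text; HMAC-SHA256 is keyed with the decoded bytes.
    key = base64.b64decode(shared_key_b64)
    digest = hmac.new(key, string_to_sign(len(body), date).encode("utf-8"), hashlib.sha256).digest()
    headers = {
        "Content-Type": CONTENT_TYPE,
        "Authorization": f"SharedKey {workspace_id}:{base64.b64encode(digest).decode()}",
        "Log-Type": log_type,  # records are stored in the custom table <Log-Type>_CL
        "x-ms-date": date,
        "time-generated-field": "observed_at",  # assumption: timestamp field in our records
    }
    url = f"https://{workspace_id}.ods.opinsights.azure.com{API_PATH}?api-version=2016-04-01"
    return url, headers, body


def send(url, headers, body):
    # Network call; the service answers HTTP 200 when the batch is accepted.
    req = urllib.request.Request(url, data=body, headers=headers, method="POST")
    with urllib.request.urlopen(req, timeout=30) as resp:
        return resp.status


# Constructed sample: hypothetical fields a vendor-risk feed might return.
SAMPLE = [{"vendor": "example-vendor", "score": 712, "observed_at": "2021-03-10T08:00:00Z"}]

if __name__ == "__main__":
    placeholder_key = base64.b64encode(b"placeholder-key").decode()  # not a real key
    url, headers, _ = build_request("00000000-0000-0000-0000-000000000000", placeholder_key, "VendorRisk", SAMPLE)
    print(url, headers["x-ms-date"])
```

The workspace key grants write access to the workspace, so load it from a secret store rather than the script. Microsoft has since deprecated the HTTP Data Collector API in favour of the Logs Ingestion API, so confirm which one a new connector should target.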
