Atlassian Beacon Alerts connector for Microsoft Sentinel
Atlassian Beacon is a cloud product that is built for Intelligent threat detection across the Atlassian platforms (Jira, Confluence, and Atlassian Admin). This can help users detect, investigate and respond to risky user activity for the Atlassian suite of products. The solution is a custom data connector from DEFEND Ltd. that is used to visualize the alerts ingested from Atlassian Beacon to Microsoft Sentinel via a Logic App.
This is autogenerated content. For changes, contact the solution provider.
Connector attributes
| Connector attribute | Description |
|---|---|
| Log Analytics table(s) | atlassian_beacon_alerts_CL |
| Data collection rules support | Not currently supported |
| Supported by | DEFEND Ltd. |
Query samples
Atlassian Beacon Alerts
atlassian_beacon_alerts_CL
| sort by TimeGenerated desc
Vendor installation instructions
Step 1: Microsoft Sentinel
Navigate to the newly installed Logic App 'Atlassian Beacon Integration'
Navigate to 'Logic app designer'
Expand the 'When a HTTP request is received'
Copy the 'HTTP POST URL'
Step 2: Atlassian Beacon
Login to Atlassian Beacon using an admin account
Navigate to 'SIEM forwarding' under SETTINGS
Paste the copied URL from Logic App in the text box
Click the 'Save' button
Step 3: Testing and Validation
Login to Atlassian Beacon using an admin account
Navigate to 'SIEM forwarding' under SETTINGS
Click the 'Test' button right next to the newly configured webhook
Navigate to Microsoft Sentinel
Navigate to the newly installed Logic App
Check for the Logic App Run under 'Runs history'
Check for logs under the table name 'atlassian_beacon_alerts_CL' in 'Logs'
If the analytic rule has been enabled, the above Test alert should have created an incident in Microsoft Sentinel
Next steps
For more information, go to the related solution in the Azure Marketplace.