แก้ไข

แชร์ผ่าน


Prancer Data connector for Microsoft Sentinel

The Prancer Data Connector has provides the capability to ingest Prancer (CSPM)[https://docs.prancer.io/web/CSPM/] and PAC data to process through Microsoft Sentinel. Refer to Prancer Documentation for more information.

This is autogenerated content. For changes, contact the solution provider.

Connector attributes

Connector attribute Description
Log Analytics table(s) prancer_CL
Data collection rules support Not currently supported
Supported by Prancer PenSuiteAI Integration

Query samples

High Severity Alerts

prancer_CL

| where severity_s == 'High'

Prerequisites

To integrate with Prancer Data Connector make sure you have:

  • Include custom pre-requisites if the connectivity requires - else delete customs: Description for any custom pre-requisite

Vendor installation instructions

Note

This connector uses Azure Functions to connect to the Prancer REST API to pull logs into Microsoft sentinel. This might result in additional data ingestion costs. Check the Azure Functions pricing page for details.

STEP 1: Follow the documentation on the Prancer Documentation Site in order to set up an scan with an azure cloud connector.

STEP 2: Once the scan is created go to the 'Third Part Integrations' menu for the scan and select Sentinel.

STEP 3: Create follow the configuration wizard to select where in Azure the results should be sent to.

STEP 4: Data should start to get fed into Microsoft Sentinel for processing.

Next steps

For more information, go to the related solution in the Azure Marketplace.