Редагувати

Поділитися через


SaaS Security connector for Microsoft Sentinel

Connects the Valence SaaS security platform Azure Log Analytics via the REST API interface

This is autogenerated content. For changes, contact the solution provider.

Connector attributes

Connector attribute Description
Log Analytics table(s) ValenceAlert_CL
Data collection rules support Not currently supported
Supported by Valence Security

Query samples

All Valence Security alerts

ValenceAlert_CL

All critical Valence Security alerts

ValenceAlert_CL 
| where alertType_severity_s == "Critical"

Vendor installation instructions

Step 1 : Read the detailed documentation

The installation process is documented in great detail in Valence Security's knowledge base. The user should consult this documentation further to understand installation and debug of the integration.

Step 2: Retrieve the workspace access credentials

The first installation step is to retrieve both your Workspace ID and Primary Key from the Microsoft Sentinel platform. Copy the values shown below and save them for configuration of the API log forwarder integration.

Step 3: Configure Sentinel integration on the Valence Security Platform

As a Valence Security Platform admin, go to the configuration screen, click Connect in the SIEM Integration card, and choose Microsoft Sentinel. Paste the values from the previous step and click Connect. Valence will test the connection so when success is reported, the connection worked.

Next steps

For more information, go to the related solution in the Azure Marketplace.