Microsoft Sentinel
Learn how to send events to Azure Monitor to use with Microsoft Sentinel from Couchdrop
Requirements
Required Configuration
To connect to Azure Monitor you will need:
Azure Tenant ID
Azure Client ID
Azure Client Secret
Log Ingestion Endpoint
DCR Immutable ID
Stream Name
To learn how to setup Azure Monitor API access you can visit https://learn.microsoft.com/en-us/azure/azure-monitor/logs/logs-ingestion-api-overview
Configuration Steps
Log in to Couchdrop and navigate to the Admin Panel - Logging
Select Connect/Manage on the Microsoft Sentinel Provider Pill
Select the Events to send to Azure Monitor
Configure the required Azure Monitor fields
Click Save Updates
Last updated
Was this helpful?