Microsoft Azure Sentinel Incidents CDF

Overview

Sentinel is a Microsoft Azure project whose goal is to alert SOCs to potential compromise. This feed retrieves those incidents.

The Microsoft Azure Sentinel integration provides the following feeds:

  • Microsoft Azure Sentinel Incidents
  • Microsoft Azure Sentinel - Authentication (supplemental)
  • Microsoft Azure Sentinel - Incidents Relations (supplemental)
  • Microsoft Azure Sentinel - Entity Details (supplemental)
  • Microsoft Azure Sentinel - Entity Indicators (supplemental)