Microsoft Sentinel Integration

Ready to get started? Download the step-by-step guide below.

Is there such a thing as too much security? Not in our books. And that’s why we offer a public REST API to our customers as part of their Admin By Request license: providing the ability to pull data into your own SIEM system for further analysis.

The latest SIEM we’ve built an integration for is Microsoft Sentinel – Microsoft’s “scalable, cloud-native, security information and event management (SIEM) and security orchestration, automation, and response (SOAR) solution”.

What the Integration Offers

With this integration, we’ve set up a hassle-free way to send Auditlog data from your User Portal to Microsoft Sentinel using Azure Logic Apps. It’s quick, painless, and ensures you get the best of both worlds: comprehensive Auditlog data combined with Sentinel’s intelligent security analysis and threat detection capabilities.

How it Works

Microsoft Sentinel offers various ways to consume data from different sources. For this integration, we leverage the power of Azure Logic Apps to consume the Admin By Request Auditlog API and forward each new entry to an Azure Log Analytics Workspace for further Sentinel consumption.

The Azure Logic App needs only a few simple changes to get you up and running with Auditlog data in your Sentinel setup:

  • Set up the workspace
  • Create an Azure Logic App
  • Plug in the code
  • Enter parameters
  • Add some actions
  • Run the app

You can then point your Sentinel setup to use the configured workspace as a data source.

Download the manual below for a step-by-step how-to guide:

Something Missing?

If you’ve identified a bug or have a suggestion for this integration, or another SIEM integration you’d like us to add, contact us here and we’ll see what we can do.

About the Author:

S Dodson

With a solid background in computer science and graphic design, my career kicked off writing tech manuals for various companies in both the software and hardware realms. I then side-stepped into marketing and found my passion in cybersecurity. I fuse my tech know-how with design skills to craft engaging blogs that spotlight cybersecurity for businesses. My main focus now is championing the marketing efforts of Admin By Request Zero Trust Platform, where my creative take on cybersecurity helps me create content that's enlightening, entertaining, and impactful. My articles have graced the pages of InfoSec Magazine and top-tier security websites like OPSWAT. I'm on a mission to stress the significance of cybersecurity and to showcase how Admin By Request is shaking things up by making enterprise solutions simple, intuitive, accessible, and affordable to organizations of all sizes, in any industry. My goal is to craft content that informs, intrigues, and motivates action, helping businesses understand the pivotal role of cybersecurity in the digital age we're now living in. Through my work, I aim to close the gap between technology and its real-world applications, keeping our audience well-informed, interested, and ready for the ever-evolving cybersecurity landscape. I bring a blend of extensive experience, deep expertise, recognized authority, and unwavering commitment to trustworthiness in cybersecurity. My goal? To make complex topics relatable and actionable for businesses of all sizes - just like Admin By Request strives to do.
