Microsoft Sentinel content hub catalog
05/03/2022
Microsoft Sentinel solutions provide a consolidated way to acquire Microsoft Sentinel content - like data connectors, workbooks, analytics, and automation - in your workspace with a single deployment step.
This article lists the out-of-the-box (built-in), on-demand Microsoft Sentinel data connectors and solutions available for you to deploy in your workspace. Deploying a solution makes any included security content, such as data connectors, playbooks, workbooks, or rules, available in the relevant area of Microsoft Sentinel.
For more information, see Centrally discover and deploy Microsoft Sentinel out-of-the-box content and solutions.
Important
The Microsoft Sentinel content hub experience is currently in PREVIEW, as are all individual solution packages. See the Supplemental Terms of Use for Microsoft Azure Previews for additional legal terms that apply to Azure features that are in beta, preview, or otherwise not yet released into general availability.
Domain solutions
| Name | Includes | Categories | Supported by |
| --- | --- | --- | --- |
| Apache Log4j Vulnerability Detection | Analytics rules, hunting queries | Application, Security - Threat Protection, Security - Vulnerability Management | Microsoft |
| Cybersecurity Maturity Model Certification (CMMC) | Analytics rules, workbook, playbook | Compliance | Microsoft |
| IoT/OT Threat Monitoring with Defender for IoT | Analytics rules, playbooks, workbook | Internet of Things (IoT), Security - Threat Protection | Microsoft |
| Maturity Model for Event Log Management M2131 | Analytics rules, hunting queries, playbooks, workbook | Compliance | Microsoft |
| Microsoft Insider Risk Management (IRM) | Data connector, workbook, analytics rules, hunting queries, playbook | Security - Insider threat | Microsoft |
| Microsoft Sentinel Deception | Workbooks, analytics rules, watchlists | Security - Threat Protection | Microsoft |
| Zero Trust (TIC3.0) | Analytics rules, playbook, workbooks | Identity, Security - Others | Microsoft |
Apache
| Name | Includes | Categories | Supported by |
| --- | --- | --- | --- |
| Tomcat | Data connector, parser | DevOps, application | Microsoft |
Arista Networks
| Name | Includes | Categories | Supported by |
| --- | --- | --- | --- |
| Arista Networks (Awake Security) | Data connector, workbooks, analytics rules | Security - Network | Arista - Awake Security |
Atlassian
| Name | Includes | Categories | Supported by |
| --- | --- | --- | --- |
| Atlassian Confluence Audit | Data connector | IT operations, application | Microsoft |
| Atlassian Jira Audit | Workbook, analytics rules, hunting queries | DevOps | Microsoft |
Armorblox
| Name | Includes | Categories | Supported by |
| --- | --- | --- | --- |
| Armorblox - Sentinel | Data connector | Security - Threat protection | Armorblox |
Azure
| Name | Includes | Categories | Supported by |
| --- | --- | --- | --- |
| Azure Firewall Solution for Sentinel | Data connector, workbook, analytics rules, playbooks, hunting queries, custom Logic App connector | Security - Network Security, Networking | Community |
| Microsoft Purview | Data connector, workbook, analytics rules. For more information, see Tutorial: Integrate Microsoft Sentinel and Microsoft Purview. | Compliance, Security - Cloud Security, and Security - Information Protection | Microsoft |
| Microsoft Sentinel for SQL PaaS | Data connector, workbook, analytics rules, playbooks, hunting queries | Application | Community |
| Microsoft Sentinel Training Lab | Workbook, analytics rules, playbooks, hunting queries | Training and tutorials | Microsoft |
| Azure SQL | Data connector, workbook, analytics, playbooks, hunting queries | Application | Microsoft |
Bosch
| Name | Includes | Categories | Supported by |
| --- | --- | --- | --- |
| AIShield AI Security Monitoring | Data connector, analytics rule, parser | Security - Threat Protection | Bosch |
Box
| Name | Includes | Categories | Supported by |
| --- | --- | --- | --- |
| Box Solution | Data connector, workbook, analytics rules, hunting queries, parser | Storage, application | Microsoft |
Check Point
| Name | Includes | Categories | Supported by |
| --- | --- | --- | --- |
| Check Point Microsoft Sentinel Solutions | Data connector, playbooks, custom Logic App connector | Security - Automation (SOAR) | Check Point |
Cisco
| Name | Includes | Categories | Supported by |
| --- | --- | --- | --- |
| Cisco ACI | Data connector, parser | Security - Network | Microsoft |
| Cisco ASA | Data connector, playbooks, custom Logic App connector | Security - Automation (SOAR) | Microsoft |
| Cisco Duo Security | Data connector, parser | Identity | Microsoft |
| Cisco ISE | Data connector, workbooks, analytics rules, playbooks, hunting queries, parser, custom Logic App connector | Networking, Security - Others | Microsoft |
| Cisco Meraki | Data connector, playbooks, custom Logic App connector | Security - Network | Microsoft |
| Cisco Secure Email Gateway / ESA | Data connector, parser | Security - Threat Protection | Microsoft |
| Cisco StealthWatch | Data connector, parser | Security - Network | Microsoft |
| Cisco Umbrella | Data connector, workbooks, analytics rules, playbooks, hunting queries, parser, custom Logic App connector | Security - Cloud Security | Microsoft |
| Cisco Web Security Appliance (WSA) | Data connector, parser | Security - Network | Microsoft |
Cloudflare
| Name | Includes | Categories | Supported by |
| --- | --- | --- | --- |
| Cloudflare Solution | Data connector, workbooks, analytics rules, hunting queries, parser | Security - Network, networking | Microsoft |
Contrast Security
| Name | Includes | Categories | Supported by |
| --- | --- | --- | --- |
| Contrast Protect Microsoft Sentinel Solution | Data connector, workbooks, analytics rules | Security - Threat protection | Microsoft |
CrowdStrike
| Name | Includes | Categories | Supported by |
| --- | --- | --- | --- |
| CrowdStrike Falcon Endpoint Protection Solution | Data connector, workbooks, analytics rules, playbooks, parser | Security - Threat protection | Microsoft |
Digital Guardian
| Name | Includes | Categories | Supported by |
| --- | --- | --- | --- |
| Digital Guardian | Data connector, parser | Security - Information Protection | Microsoft |
FalconForce
| Name | Includes | Categories | Supported by |
| --- | --- | --- | --- |
| FalconFriday Content - Falcon Friday | Analytics rules | User Behavior (UEBA), Security - Insider threat | FalconForce |
FireEye NX (Network Security)
| Name | Includes | Categories | Supported by |
| --- | --- | --- | --- |
| FireEye NX (Network Security) | Data connector, parser | Security - Network | Microsoft |
Flare Systems Firework
| Name | Includes | Categories | Supported by |
| --- | --- | --- | --- |
| Flare Systems Firework | Data connector | Security - Threat protection | Microsoft |
Forescout
| Name | Includes | Categories | Supported by |
| --- | --- | --- | --- |
| Forescout | Data connector, parser | Security - Network | Microsoft |
Fortinet Fortigate
| Name | Includes | Categories | Supported by |
| --- | --- | --- | --- |
| Fortinet Fortigate | Data connector, playbooks, custom Logic App connector | Security - Automation (SOAR) | Microsoft |
GitHub
| Name | Includes | Categories | Supported by |
| --- | --- | --- | --- |
| Continuous Threat Monitoring for GitHub | Data connector, parser, workbook, analytics rules | Cloud Provider | Microsoft |
Google
| Name | Includes | Categories | Supported by |
| --- | --- | --- | --- |
| Google Cloud Platform DNS Solution | Data connector, parser | Cloud Provider, Networking | Microsoft |
| Google Cloud Platform Cloud Monitoring Solution | Data connector, parser | Cloud Provider | Microsoft |
| Google Cloud Platform Identity and Access Management Solution | Data connector, workbook, analytics rules, playbooks, hunting queries, parser, custom Logic App connector | Cloud Provider, Identity | Microsoft |
| Google Workspace Reports | Workbook, analytics rules, hunting queries | IT Operations | Microsoft |
Holm Security
| Name | Includes | Categories | Supported by |
| --- | --- | --- | --- |
| Holm Security | Data connector | Security - Threat Intelligence | Holm Security |
HYAS
| Name | Includes | Categories | Supported by |
| --- | --- | --- | --- |
| HYAS Insight for Microsoft Sentinel Solutions Gallery | Playbooks | Security - Threat Intelligence, Security - Automation (SOAR) | Microsoft |
Imperva
| Name | Includes | Categories | Supported by |
| --- | --- | --- | --- |
| Imperva Cloud WAF (formerly Imperva Incapsula) | Data connector, parser | Security - Network | Microsoft |
InfoBlox
| Name | Includes | Categories | Supported by |
| --- | --- | --- | --- |
| InfoBlox Threat Defense / InfoBlox Cloud Data Connector | Data connector, workbook, analytics rules | Security - Threat protection | Microsoft |
IronNet
| Name | Includes | Categories | Supported by |
| --- | --- | --- | --- |
| IronNet CyberSecurity Iron Defense - Microsoft Sentinel | | Security - Network | Microsoft |
Joshua Cyberisk Vision
| Name | Includes | Categories | Supported by |
| --- | --- | --- | --- |
| Joshua Cyberisk Vision | Playbooks | Security - Threat Intelligence | Joshua Cyberisk Vision |
Juniper
| Name | Includes | Categories | Supported by |
| --- | --- | --- | --- |
| Juniper IDP | Data connector, parser | Security - Network | Microsoft |
Kaspersky
| Name | Includes | Categories | Supported by |
| --- | --- | --- | --- |
| Kaspersky AntiVirus | Data connector, parser | Security - Threat protection | Microsoft |
LastPass
| Name | Includes | Categories | Supported by |
| --- | --- | --- | --- |
| LastPass Enterprise Activity Monitoring | Data connector, analytics rules, hunting queries, watchlist, workbook | Application | The Collective Consulting |
Lookout
| Name | Includes | Categories | Supported by |
| --- | --- | --- | --- |
| Lookout Mobile Threat Defense for Microsoft Sentinel | Data connector | Security - Network | Lookout |
McAfee
| Name | Includes | Categories | Supported by |
| --- | --- | --- | --- |
| McAfee ePolicy Orchestrator Solution | Data connector, workbook, analytics rules, playbooks, hunting queries, parser, custom Logic App connector | Security - Threat protection | Microsoft |
| McAfee Network Security Platform Solution (Intrushield) + AntiVirus Information (T1 minus Logic apps) | Data connector, workbooks, analytics rules, hunting queries, parser | Security - Threat protection | Microsoft |
Microsoft
| Name | Includes | Categories | Supported by |
| --- | --- | --- | --- |
| Microsoft Defender for Endpoint | Hunting queries, parsers | Security - Threat Protection | Microsoft |
| Microsoft Sentinel for Microsoft Dynamics 365 | Data connector, workbooks, analytics rules, and hunting queries | Application | Microsoft |
| Microsoft Sentinel for Teams | Analytics rules, playbooks, hunting queries | Application | Microsoft |
| Microsoft Sysmon for Linux | Data connector | Platform | Microsoft |
NGINX
| Name | Includes | Categories | Supported by |
| --- | --- | --- | --- |
| Nginx | Data connector, workbooks, analytics rules, hunting queries, parser | Security - Network, Networking, DevOps | Microsoft |
NXLog
| Name | Includes | Categories | Supported by |
| --- | --- | --- | --- |
| NXLog AIX Audit | Data connector, parser | IT operations | NXLog |
| NXLog DNS Logs | Data connector | Networking | NXLog |
Oracle
| Name | Includes | Categories | Supported by |
| --- | --- | --- | --- |
| Oracle Cloud Infrastructure | Data connector, parser | Cloud Provider | Microsoft |
| Oracle Database Audit | Data connector, workbook, analytics rules, hunting queries, parser | Application | Microsoft |
| Oracle WebLogic Server | Data connector, workbook, analytics rules, hunting queries, parser | IT Operations | Microsoft |
Palo Alto
| Name | Includes | Categories | Supported by |
| --- | --- | --- | --- |
| Palo Alto PAN-OS | Data connector, playbooks, custom Logic App connector | Security - Automation (SOAR), Security - Network | Microsoft |
| Palo Alto Prisma Solution | Data connector, workbooks, analytics rules, hunting queries, parser | Security - Cloud security | Microsoft |
Ping Identity
| Name | Includes | Categories | Supported by |
| --- | --- | --- | --- |
| PingFederate Solution | Data connector, workbooks, analytics rules, hunting queries, parser | Identity | Microsoft |
Proofpoint
| Name | Includes | Categories | Supported by |
| --- | --- | --- | --- |
| Proofpoint POD Solution | Data connector, workbook, analytics rules, hunting queries, parser | Security - Threat protection | Microsoft |
| Proofpoint TAP Solution | Workbooks, analytics rules, playbooks, custom Logic App connector | Security - Automation (SOAR), Security - Threat protection | Microsoft |
Qualys
| Name | Includes | Categories | Supported by |
| --- | --- | --- | --- |
| Qualys VM Solution | Workbooks, analytics rules | Security - Vulnerability Management | Microsoft |
Rapid7
| Name | Includes | Categories | Supported by |
| --- | --- | --- | --- |
| Rapid7 InsightVM CloudAPI Solution | Data connector, parser | Security - Vulnerability Management | Microsoft |
ReversingLabs
| Name | Includes | Categories | Supported by |
| --- | --- | --- | --- |
| ReversingLabs TitaniumCloud File Enrichment Solution | Playbooks | Security - Threat intelligence | ReversingLabs |
RiskIQ
| Name | Includes | Categories | Supported by |
| --- | --- | --- | --- |
| RiskIQ Security Intelligence Playbooks | Playbooks | Security - Threat intelligence, Security - Automation (SOAR) | RiskIQ |
RSA
| Name | Includes | Categories | Supported by |
| --- | --- | --- | --- |
| RSA SecurID | Data connector, parser | Security - Others, Identity | Microsoft |
SAP
Semperis
| Name | Includes | Categories | Supported by |
| --- | --- | --- | --- |
| Semperis | Data connector, workbooks, analytics rules, parser | Security - Threat protection, Identity | Semperis |
Senserva Pro
| Name | Includes | Categories | Supported by |
| --- | --- | --- | --- |
| Senserva Offer for Microsoft Sentinel | Data connector, workbooks, analytics rules, hunting queries | Compliance | Senserva |
Shadowbytes
| Name | Includes | Categories | Supported by |
| --- | --- | --- | --- |
| Shadowbytes ARIA Threat Intelligence | Data connector, playbook | Security - Threat protection | Shadowbyte |
SIGNL4
| Name | Includes | Categories | Supported by |
| --- | --- | --- | --- |
| SIGNL4 Mobile Alerting | Data connector, playbook | DevOps, IT Operations | SIGNL4 |
Sonrai Security
| Name | Includes | Categories | Supported by |
| --- | --- | --- | --- |
| Sonrai Security - Microsoft Sentinel | Data connector, workbooks, analytics rules | Compliance | Sonrai Security |
Slack
| Name | Includes | Categories | Supported by |
| --- | --- | --- | --- |
| Slack Audit Solution | Data connector, workbooks, analytics rules, hunting queries, parser | Application | Microsoft |
Sophos
| Name | Includes | Categories | Supported by |
| --- | --- | --- | --- |
| Sophos Endpoint Protection Solution | Data connector, parser | Security - Threat protection | Microsoft |
| Sophos XG Firewall Solution | Workbooks, analytics rules, parser | Security - Network | Microsoft |
Symantec
| Name | Includes | Categories | Supported by |
| --- | --- | --- | --- |
| Symantec Endpoint | Data connector, workbook, analytics rules, playbooks, hunting queries, parser | Security - Threat protection | Microsoft |
| Symantec ProxySG Solution | Workbooks, analytics rules | Security - Network | Symantec |
Tenable
| Name | Includes | Categories | Supported by |
| --- | --- | --- | --- |
| Tenable Nessus Scanner / IO VM reports for cloud | Data connector, parser | Security - Vulnerability Management | Microsoft |
Trend Micro
| Name | Includes | Categories | Supported by |
| --- | --- | --- | --- |
| Trend Micro Apex One Solution | Data connector, hunting queries, parser | Security - Threat protection | Microsoft |
Ubiquiti
| Name | Includes | Categories | Supported by |
| --- | --- | --- | --- |
| Ubiquiti UniFi Solution | Data connector, workbooks, analytics rules, hunting queries, parser | Security - Network | Microsoft |
vArmour
| Name | Includes | Categories | Supported by |
| --- | --- | --- | --- |
| vArmour Application Controller and Microsoft Sentinel Solution | Data connector, workbook, analytics rules | IT Operations | vArmour |
Vectra
| Name | Includes | Categories | Supported by |
| --- | --- | --- | --- |
| Vectra Stream Solution | Data connector, hunting queries, parser | Security - Network | Microsoft |
VMware
| Name | Includes | Categories | Supported by |
| --- | --- | --- | --- |
| VMware Carbon Black Solution | Workbooks, analytics rules | Security - Threat protection | Microsoft |
| VMware ESXi | Workbooks, analytics rules, data connectors, hunting queries, parser | IT Operations | Microsoft |
Zeek Network
| Name | Includes | Categories | Supported by |
| --- | --- | --- | --- |
| Corelight for Microsoft Sentinel | Data connector, workbooks, analytics rules, hunting queries, parser | IT Operations, Security - Network | Zeek Network |
Zscaler
| Name | Includes | Categories | Supported by |
| --- | --- | --- | --- |
| Zscaler Private Access | Data connector, workbook, analytics rules, hunting queries, parser | Security - Network | Microsoft |
Next steps
In this document, you learned about Microsoft Sentinel solutions and how to find and deploy them.