Flare connector for Microsoft Sentinel
Flare connector allows you to receive data and intelligence from Flare on Microsoft Sentinel.
Connector attributes
| Connector attribute | Description |
|---|---|
| Log Analytics table(s) | Firework_CL |
| Data collection rules support | Not currently supported |
| Supported by | Flare |
Query samples
Flare Activities -- All
Firework_CL
| sort by TimeGenerated desc
Prerequisites
To integrate with Flare make sure you have:
- Required Flare permissions: only Flare organization administrators may configure the Microsoft Sentinel integration.
Vendor installation instructions
- Creating an Alert Channel for Microsoft Sentinel
As an organization administrator, authenticate on Flare and access the team page to create a new alert channel.
Click on 'Create a new alert channel' and select 'Microsoft Sentinel'. Enter your Shared Key And WorkspaceID. Save the Alert Channel. For more help and details, see our Azure configuration documentation.
{0}
{0}
- Associating your alert channel to an alert feed
At this point, you may configure alerts to be sent to Microsoft Sentinel the same way that you would configure regular email alerts.
For a more detailed guide, refer to the Flare documentation.
Next steps
For more information, go to the related solution in the Azure Marketplace.
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for