Forescout Host Property Monitor connector for Microsoft Sentinel
The Forescout Host Property Monitor connector allows you to connect host properties from Forescout platform with Microsoft Sentinel, to view, create custom incidents, and improve investigation. This gives you more insight into your organization network and improves your security operation capabilities.
Connector attributes
| Connector attribute | Description |
|---|---|
| Log Analytics table(s) | ForescoutHostProperties_CL |
| Data collection rules support | Not currently supported |
| Supported by | Microsoft Corporation |
Query samples
Get 5 latest host property entries
ForescoutHostProperties_CL
| take 5
Prerequisites
To integrate with Forescout Host Property Monitor make sure you have:
- Forescout Plugin requirement: Please make sure Forescout Microsoft Sentinel plugin is running on Forescout platform
Vendor installation instructions
Instructions on how to configure Forescout Microsoft Sentinel plugin are provided at Forescout Documentation Portal (https://docs.forescout.com/bundle/sentinel-1-0-h)
Next steps
For more information, go to the related solution in the Azure Marketplace.
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for