SaaS Security connector for Microsoft Sentinel
Connects the Valence SaaS security platform Azure Log Analytics via the REST API interface
Connector attributes
| Connector attribute | Description |
|---|---|
| Log Analytics table(s) | ValenceAlert_CL |
| Data collection rules support | Not currently supported |
| Supported by | Valence Security |
Query samples
All Valence Security alerts
ValenceAlert_CL
All critical Valence Security alerts
ValenceAlert_CL
| where alertType_severity_s == "Critical"
Vendor installation instructions
Step 1 : Read the detailed documentation
The installation process is documented in great detail in Valence Security's knowledge base. The user should consult this documentation further to understand installation and debug of the integration.
Step 2: Retrieve the workspace access credentials
The first installation step is to retrieve both your Workspace ID and Primary Key from the Microsoft Sentinel platform. Copy the values shown below and save them for configuration of the API log forwarder integration.
Step 3: Configure Sentinel integration on the Valence Security Platform
As a Valence Security Platform admin, go to the configuration screen, click Connect in the SIEM Integration card, and choose Microsoft Sentinel. Paste the values from the previous step and click Connect. Valence will test the connection so when success is reported, the connection worked.
Next steps
For more information, go to the related solution in the Azure Marketplace.
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for