Talon Insights connector for Microsoft Sentinel

The Talon Security Logs connector allows you to easily connect your Talon events and audit logs with Microsoft Sentinel, to view dashboards, create custom alerts, and improve investigation.

Connector attributes

| Connector attribute | Description |
| --- | --- |
| Log Analytics table(s) | Talon_CL |
| Data collection rules support | Not currently supported |
| Supported by | Talon Security |

Query samples

**Blocked user activities**

Talon_CL
| where action_s == "blocked"

**Failed login user**

Talon_CL
| where eventType_s == "loginFailed"

**Audit logs changes**

Talon_CL
| where type_s == "audit"

Vendor installation instructions

Please note the values below and follow the instructions here to connect your Talon Security events and audit logs with Microsoft Sentinel.

Next steps

For more information, go to the related solution in the Azure Marketplace.