Microsoft Sentinel content hub catalog

Microsoft Sentinel solutions provide a consolidated way to acquire Microsoft Sentinel content - like data connectors, workbooks, analytics, and automation - in your workspace with a single deployment step.

This article lists the out-of-the-box (built-in), on-demand Microsoft Sentinel data connectors and solutions available for you to deploy in your workspace. Deploying a solution makes any included security content, such as data connectors, playbooks, workbooks, or rules, available in the relevant area of Microsoft Sentinel.

For more information, see Centrally discover and deploy Microsoft Sentinel out-of-the-box content and solutions.

Important

The Microsoft Sentinel content hub experience is currently in PREVIEW, as are all individual solution packages. See the Supplemental Terms of Use for Microsoft Azure Previews for additional legal terms that apply to Azure features that are in beta, preview, or otherwise not yet released into general availability.

Domain solutions

Name Includes Categories Supported by
Apache Log4j Vulnerability Detection Analytics rules, hunting queries, workbooks, playbooks Application, Security - Threat Protection, Security - Vulnerability Management Microsoft
Cybersecurity Maturity Model Certification (CMMC) Analytics rules, workbook, playbook Compliance Microsoft
IoT/OT Threat Monitoring with Defender for IoT Analytics rules, playbooks, workbook Internet of Things (IoT), Security - Threat Protection Microsoft
Maturity Model for Event Log Management M2131 Analytics rules, hunting queries, playbooks, workbook Compliance Microsoft
Microsoft Insider Risk Management (IRM) Data connector, workbook, analytics rules, hunting queries, playbook Security - Insider threat Microsoft
Microsoft Sentinel Deception Workbooks, analytics rules, watchlists Security - Threat Protection Microsoft
Zero Trust (TIC3.0) Analytics rules, playbook, workbooks Identity, Security - Others Microsoft

Akamai

Name Includes Categories Supported by
Akamai Security Data connector, parser Security - Cloud Security Microsoft

Amazon Web Services

Name Includes Categories Supported by
Amazon Web Services Data connector, analytics rules, hunting queries, workbooks Security - Cloud Security Microsoft

Apache

Name Includes Categories Supported by
Tomcat Data connector, parser DevOps, application Microsoft

Arista Networks

Name Includes Categories Supported by
Arista Networks (Awake Security) Data connector, workbooks, analytics rules Security - Network Arista - Awake Security

Armorblox

Name Includes Categories Supported by
Armorblox - Sentinel Data connector Security - Threat protection Armorblox

Atlassian

Name Includes Categories Supported by
Atlassian Confluence Audit Data connector IT operations, application Microsoft
Atlassian Jira Audit Workbook, analytics rules, hunting queries DevOps Microsoft

Aruba

Name Includes Categories Supported by
Aruba ClearPass Data connector, parser Security - Threat Protection Microsoft

Azure

Name Includes Categories Supported by
Azure Active Directory Data connector, workbooks, analytic rules Identity Microsoft
Azure Active Directory Identity Protection Data connector, analytic rules Security - Threat Protection Microsoft
Azure Activity Data connector, workbooks, analytic rules IT Operations Microsoft
Azure DDoS Protection Data connector, workbook Cloud Provider, Security - Network Microsoft
Azure Firewall Solution for Sentinel Data connector, workbook, analytics rules, hunting queries Security - Network Security, Networking Community
Azure Information Protection Data connector, workbook Cloud Provider, Security - Others Microsoft
Azure Key Vault Data connector, analytics rules Application Microsoft
Azure Kubernetes Service (AKS) Data connector, workbook DevOps Microsoft
Azure SQL Database Data connector Cloud Provider, IT Operations Microsoft
Azure Storage Data connector Cloud Provider, IT Operations, Storage Microsoft
Azure Web Application Firewall (WAF) Data connector, analytics rules, workbooks Security - Network Microsoft

Barracuda

Name Includes Categories Supported by
Barracuda WAF Data connector Security - Network Barracuda

Blackberry

Name Includes Categories Supported by
Blackberry CylancePROTECT Data connector, parser Security - Threat Protection Microsoft

Bosch

Name Includes Categories Supported by
AIShield AI Security Monitoring Data connector, analytics rule, parser Security - Threat Protection Bosch

Box

Name Includes Categories Supported by
Box Solution Data connector, workbook, analytics rules, hunting queries, parser Storage, application Microsoft

Broadcom

Name Includes Categories Supported by
Broadcom SymantecDLP Data connector, parser Security - Information Protection Microsoft

Check Point

Name Includes Categories Supported by
Check Point Microsoft Sentinel Solutions Data connector, playbooks, custom Logic App connector Security - Automation (SOAR) Checkpoint

Cisco

Name Includes Categories Supported by
Cisco ACI Data connector, parser Security - Network Microsoft
Cisco ASA Data connector, playbooks, custom Logic App connector Security - Automation (SOAR) Microsoft
Cisco Duo Security Data connector, parser Identity Microsoft
Cisco ISE Data connector, workbooks, analytics rules, playbooks, hunting queries, parser, custom Logic App connector Networking, Security - Others Microsoft
Cisco Meraki Data connector, playbooks, custom Logic App connector Security - Network Microsoft
Cisco Secure Email Gateway / ESA Data connector, parser Security - Threat Protection Microsoft
Cisco StealthWatch Data connector, parser Security - Network Microsoft
Cisco UCS Data connector, parser Platform Microsoft
Cisco Umbrella Data connector, workbooks, analytics rules, playbooks, hunting queries, parser, custom Logic App connector Security - Cloud Security Microsoft
Cisco Web Security Appliance (WSA) Data connector, parser Security - Network Microsoft

Citrix ADC

Name Includes Categories Supported by
Citrix ADC Data connector, parser Networking Microsoft

Cloudflare

Name Includes Categories Supported by
Cloudflare Solution Data connector, workbooks, analytics rules, hunting queries, parser Security - Network, networking Microsoft

Contrast Security

Name Includes Categories Supported by
Contrast Protect Microsoft Sentinel Solution Data connector, workbooks, analytics rules Security - Threat protection Microsoft

CrowdStrike

Name Includes Categories Supported by
CrowdStrike Falcon Endpoint Protection Solution Data connector, workbooks, analytics rules, playbooks, parser Security - Threat protection Microsoft

CyberArk

Name Includes Categories Supported by
CyberArk Enterprise Password Vault (EPV) Data connector, workbooks Identity CyberArk
CyberArk EPM Integration Data connector, parser Identity, Security - Threat Protection CyberArk

Cyberpion

Name Includes Categories Supported by
Cyberpion Security Logs Data connector, analytics rule, workbook Security - Threat Protection Cyberpion

Digital Guardian

Name Includes Categories Supported by
Digital Guardian Data connector, parser Security - Information Protection Microsoft

Exabeam

Name Includes Categories Supported by
Exabeam Advanced Analytics Data connector, parser Security - Others Microsoft

Facebook

Name Includes Categories Supported by
Workplace from Facebook Data connector, parser Application Microsoft

FalconForce

Name Includes Categories Supported by
FalconFriday Content - Falcon Friday Analytics rules User Behavior (UEBA), Security - Insider threat FalconForce

FireEye NX (Network Security)

Name Includes Categories Supported by
FireEye NX (Network Security) Data connector, parser Security - Network Microsoft

Flare Systems Firework

Name Includes Categories Supported by
Flare Systems Firework Data connector Security - Threat protection Microsoft

Forescout

Name Includes Categories Supported by
Forescout Data connector, parser Security - Network Microsoft

Fortinet Fortigate

Name Includes Categories Supported by
Fortinet Fortigate Data connector, playbooks, custom Logic App connector Security - Automation (SOAR) Microsoft

GitHub

Name Includes Categories Supported by
Continuous Threat Monitoring for GitHub Data connector, parser, workbook, analytics rules Cloud Provider Microsoft

Google

Name Includes Categories Supported by
Google Cloud Platform DNS Solution Data connector, parser Cloud Provider, Networking Microsoft
Google Cloud Platform Cloud Monitoring Solution Data connector, parser Cloud Provider Microsoft
Google Cloud Platform Identity and Access Management Solution Data connector, workbook, analytics rules, playbooks, hunting queries, parser, custom Logic App connector Cloud Provider, Identity Microsoft
Google Workspace Reports Workbook, analytics rules, hunting queries IT Operations Microsoft

Holm Security

Name Includes Categories Supported by
Holm Security Data connector Security - Threat Intelligence Holm Security

HYAS

Name Includes Categories Supported by
HYAS Insight for Microsoft Sentinel Solutions Gallery Playbooks Security - Threat Intelligence, Security - Automation (SOAR) Microsoft

Imperva

Name Includes Categories Supported by
Imperva Cloud WAF (formerly Imperva Incapsula) Data connector, parser Security - Network Microsoft

InfoBlox

Name Includes Categories Supported by
InfoBlox Threat Defense / InfoBlox Cloud Data Connector Data connector, workbook, analytics rules Security - Threat protection Microsoft

IronNet

Name Includes Categories Supported by
IronNet CyberSecurity Iron Defense - Microsoft Sentinel Security - Network Microsoft

Joshua Cyberisk Vision

Name Includes Categories Supported by
Joshua Cyberisk Vision Playbooks Security - Threat Intelligence Joshua Cyberisk Vision

Juniper

Name Includes Categories Supported by
Juniper IDP Data connector, parser Security - Network Microsoft
Juniper SRX Data connector, parser Networking Microsoft

Kaspersky

Name Includes Categories Supported by
Kaspersky AntiVirus Data connector, parser Security - Threat protection Microsoft

Lastpass

Name Includes Categories Supported by
Lastpass Enterprise Activity Monitoring Data connector, analytic rules, hunting queries, watchlist, workbook Application The Collective Consulting

Lookout

Name Includes Categories Supported by
Lookout Mobile Threat Defense for Microsoft Sentinel Data connector Security - Network Lookout

McAfee

Name Includes Categories Supported by
McAfee ePolicy Orchestrator Solution Data connector, workbook, analytics rules, playbooks, hunting queries, parser, custom Logic App connector Security - Threat protection Microsoft
McAfee Network Security Platform Solution (Intrushield) + AntiVirus Information (T1 minus Logic apps) Data connector, workbooks, analytics rules, hunting queries, parser Security - Threat protection Microsoft

Microsoft

Name Includes Categories Supported by
DNS Data connector, workbook, analytics rules, hunting queries Networking Microsoft
Microsoft Defender for Cloud Data connector, analytics rule Security - Threat Protection Microsoft
Microsoft Defender for Cloud Apps Data connector, analytics rule Security - Cloud Security Microsoft
Microsoft Defender for Endpoint Hunting queries, parsers Security - Threat Protection Microsoft
Microsoft Defender for Identity Data connector Security - Threat Protection Microsoft
Microsoft Defender for Office 365 Data connector, workbook Security - Threat Protection Microsoft
Microsoft PowerBI Data connector Application Microsoft
Microsoft Project Data connector Application Microsoft
Microsoft Purview Data connector, workbook, analytics rules (for more information, see Tutorial: Integrate Microsoft Sentinel and Microsoft Purview) Compliance, Security - Cloud Security, and Security - Information Protection Microsoft
Microsoft Sentinel for Microsoft Dynamics 365 Data connector, workbooks, analytics rules, and hunting queries Application Microsoft
Microsoft Sentinel for Teams Analytics rules, playbooks, hunting queries Application Microsoft
Microsoft Sentinel for SQL PaaS Data connector, workbook, analytics rules, playbooks, hunting queries Application Community
Microsoft Sentinel Training Lab Workbook, analytics rules, playbooks, hunting queries Training and tutorials Microsoft
Microsoft Sysmon for Linux Data connector Platform Microsoft
Network Security Groups Data connector Security - Network Microsoft
Threat Intelligence Data connector, analytics rules, hunting queries, workbooks Security - Threat Intelligence Microsoft
Windows Firewall Data connector, workbook Security - Network Microsoft
Windows Forwarded Events Data connector, analytics rules IT Operations Microsoft
Windows Security Events Data connector, analytics rules, hunting queries, workbooks Security - Threat Protection Microsoft
Syslog Data connector, analytics rules, hunting queries, workbook IT Operations Microsoft

NetSkope

Name Includes Categories Supported by
NetSkope Data connector, parser Security - Network NetSkope

NGINX

Name Includes Categories Supported by
Nginx Data connector, workbooks, analytics rules, hunting queries, parser Security - Network, Networking, DevOps Microsoft

NXLog

Name Includes Categories Supported by
NXLog AIX Audit Data connector, parser IT Operations, Security - Network NXLog
NXLog BSM macOS Data connector IT Operations, Security - Others NXLog
NXLog DNS Logs Data connector, parser IT Operations, Security - Network NXLog
NXLog LinuxAudit Data connector IT Operations, Security - Network NXLog

Oracle

Name Includes Categories Supported by
Oracle Cloud Infrastructure Data connector, parser Cloud Provider Microsoft
Oracle Database Audit Data connector, workbook, analytics rules, hunting queries, parser Application Microsoft
Oracle WebLogic Server Data connector, workbook, analytics rules, hunting queries, parser IT Operations Microsoft

OSSEC

Name Includes Categories Supported by
OSSEC Data connector, parser Security - Threat Protection Microsoft

Palo Alto

Name Includes Categories Supported by
Palo Alto PAN-OS Data connector, playbooks, custom Logic App connector Security - Automation (SOAR), Security - Network Microsoft
Palo Alto Prisma Solution Data connector, workbooks, analytics rules, hunting queries, parser Security - Cloud security Microsoft

Perimeter 81

Name Includes Categories Supported by
Perimeter 81 Data connector, workbook Security - Network Perimeter 81

Ping Identity

Name Includes Categories Supported by
PingFederate Solution Data connector, workbooks, analytics rules, hunting queries, parser Identity Microsoft

Proofpoint

Name Includes Categories Supported by
Proofpoint POD Solution Data connector, workbook, analytics rules, hunting queries, parser Security - Threat protection Microsoft
Proofpoint TAP Solution Workbooks, analytics rules, playbooks, custom Logic App connector Security - Automation (SOAR), Security - Threat protection Microsoft

Pulse Secure

Name Includes Categories Supported by
Pulse Connect Secure Data connector, workbook, analytics rules, parser Security - Threat Protection Microsoft

Qualys

Name Includes Categories Supported by
Qualys VM Workbook, analytics rules Compliance, Security - Vulnerability Management Microsoft
Qualys VM Knowledgebase Data connector, parser Security - Vulnerability Management Microsoft

Rapid7

Name Includes Categories Supported by
Rapid7 InsightVM CloudAPI Solution Data connector, parser Security - Vulnerability Management Microsoft

ReversingLabs

Name Includes Categories Supported by
ReversingLabs TitaniumCloud File Enrichment Solution Playbooks Security - Threat intelligence ReversingLabs

RiskIQ

Name Includes Categories Supported by
RiskIQ Security Intelligence Playbooks Playbooks Security - Threat intelligence, Security - Automation (SOAR) RiskIQ

RSA

Name Includes Categories Supported by
RSA SecurID Data connector, parser Security - Others, Identity Microsoft

Salesforce

Name Includes Categories Supported by
Salesforce Service Cloud* Data connector, parser Cloud Provider Microsoft

SAP

Name Includes Categories Supported by
Continuous Threat Monitoring for SAP Data connector, workbooks, analytics rules, watchlists Application Community

Semperis

Name Includes Categories Supported by
Semperis Data connector, workbooks, analytics rules, parser Security - Threat protection, Identity Semperis

Senserva Pro

Name Includes Categories Supported by
Senserva Offer for Microsoft Sentinel Data connector, workbooks, analytics rules, hunting queries Compliance Senserva

Shadowbytes

Name Includes Categories Supported by
Shadowbytes ARIA Threat Intelligence Data connector, playbook Security - Threat protection Shadowbyte

SIGNL4

Name Includes Categories Supported by
SIGNL4 Mobile Alerting Data connector, playbook DevOps, IT Operations SIGNL4

SonicWall

Name Includes Categories Supported by
SonicWall Network Security Data connector Security - Network SonicWall

Sonrai Security

Name Includes Categories Supported by
Sonrai Security - Microsoft Sentinel Data connector, workbooks, analytics rules Compliance Sonrai Security

Squid

Name Includes Categories Supported by
SquidProxy Data connector, parser Networking Microsoft

Slack

Name Includes Categories Supported by
Slack Audit Solution Data connector, workbooks, analytics rules, hunting queries, parser Application Microsoft

Sophos

Name Includes Categories Supported by
Sophos Endpoint Protection Solution Data connector, parser Security - Threat protection Microsoft
Sophos XG Firewall Solution Workbooks, analytics rules, parser Security - Network Microsoft

Squadra Technologies

Name Includes Categories Supported by
Squadra Technologies secRMM Data connector, workbook Security - Information Protection, Security - Threat Protection Squadra Technologies

Symantec

Name Includes Categories Supported by
Symantec Endpoint Protection Data connector, workbook, analytics rules, playbooks, hunting queries, parser Security - Threat protection Microsoft
Symantec ProxySG Workbooks, analytics rules Security - Network Microsoft
Symantec VIP Data connector, analytics rules, parser, workbooks Security - Network Microsoft

Tenable

Name Includes Categories Supported by
Tenable Nessus Scanner / IO VM reports for cloud Data connector, parser Security - Vulnerability Management Microsoft

Trend Micro

Name Includes Categories Supported by
Trend Micro Apex One Solution Data connector, hunting queries, parser Security - Threat protection Microsoft
Trend Micro Cloud App Security Data connector, analytics rules, hunting queries, parser Security - Threat protection Microsoft

Ubiquiti

Name Includes Categories Supported by
Ubiquiti UniFi Solution Data connector, workbooks, analytics rules, hunting queries, parser Security - Network Microsoft

vArmour

Name Includes Categories Supported by
vArmour Application Controller and Microsoft Sentinel Solution Data connector, workbook, analytics rules IT Operations vArmour

Vectra

Name Includes Categories Supported by
Vectra Stream Solution Data connector, hunting queries, parser Security - Network Microsoft

VMware

Name Includes Categories Supported by
VMware Carbon Black Solution Workbooks, analytics rules Security - Threat protection Microsoft
VMware ESXi Workbooks, analytics rules, data connectors, hunting queries, parser IT Operations Microsoft

WatchGuard

Name Includes Categories Supported by
WatchGuard Firebox Data connector, parser Security - Network WatchGuard

Zeek Network

Name Includes Categories Supported by
Corelight for Microsoft Sentinel Data connector, workbooks, analytics rules, hunting queries, parser IT Operations, Security - Network Zeek Network

Zimperium

Name Includes Categories Supported by
Zimperium Mobile Threat Defense Data connector, workbook Security - Threat Protection Zimperium

Zoom

Name Includes Categories Supported by
Zoom Reports Data connector, parser Application Microsoft

Zscaler

Name Includes Categories Supported by
Zscaler Private Access Data connector, workbook, analytics rules, hunting queries, parser Security - Network Microsoft

Next steps

In this document, you learned about Microsoft Sentinel solutions and how to find and deploy them.