Forum Discussion
Integrating on premises SIEM with microsoft casb
I am looking for the solution integrating on premises SIEM with existing micsroft CaSB and viewing the incident and event of on premises devices on CASB. Is this possible ?
Thanks Dean for your reply much appreciated I have gone through the document,but I was looking other way around ingesting that logs from SIEM to cloud app portal SIEM is Fortisiem which will help us to see alerts and incidents on Microsoft defender
I don't think it is possible to ingest your SIEM into M365 Defender, however, you can ingest it into Sentinel. https://docs.microsoft.com/en-us/azure/sentinel/connect-common-event-format#supported-architectures
- Thanks Joe, we were looking for a solution to make use of our existing siem with microsoft defender