How to Integrate Citrix NetScaler with Azure Sentinel?

Hi MiteshAgrawal 

This is what I found in Citrix help documents.v And it is useful in https://www.apps4rent.com/windows-virtual-desktop-azure as well.

An Excerpt:

How to integrate Citrix Analytics with Azure Sentinel

Follow the guidelines mentioned to integrate Citrix Analytics with Azure Sentinel:

• Data export. Citrix Analytics creates a channel and exports risk intelligence. Azure Sentinel retrieves this risk intelligence from the channel.

• Get configuration on Citrix Analytics. Create an account with Citrix Analytics to authenticate the Azure Sentinel integration. Citrix Analytics uses the account to prepare a configuration file required for the integration. The configuration file is used to configure the Citrix Analytics Adapter for Azure Sentinel.

• Download Citrix Analytics Adapter for Azure Sentinel. Download the Citrix Analytics Adapter for Azure Sentinel application from GitHub. The adapter is a Python program that consumes alerts from a tenant-specific Kafka topic that is hosted by Citrix Analytics. You can run the adapter on any physical or virtual machine with Python 2.7 or above. The consumed alerts are posted to Azure Sentinel using REST API.

• Install Citrix Analytics Adapter for Azure Sentinel. Install the Citrix Analytics Adapter for Azure Sentinel application on a machine so that it can receive the Kafka data. The adapter contains placeholder variables for connecting to Azure Sentinel and the Kafka interface on Citrix Analytics. After installing the adapter, do the following:

  • Replace the placeholder variables related to the Kafka interface with the values obtained from the configuration file that Citrix Analytics has prepared.

  • Replace the Azure Sentinel related placeholder variables (for Workspace ID and API Key) with the respective values from your Azure account.

I hope this helps!

Regards.

Abigail