Microsoft Entra Suite Tech Accelerator
Aug 14 2024, 07:00 AM - 09:30 AM (PDT)
Microsoft Tech Community

Defender ATP SIEM alien vault

Copper Contributor

Anyone integrated an Alienvault SIEM Connection with defender ATP and the security center?

Our last solution we had to export the data from Sophos and manually load it into the SIEM



3 Replies
What kind of imports do you have in AlienVault?

Does it support a custom API?

Otherwise you could spin up Sentinel and tell Sentinel to redirect logs to your SIEM

@Thijs Lecomte 


OK Thanks for that input, are you refering to Azure Sentinel and have them parse into the SIEM? Would you happen to have any info this process as this is a major part of our PCI requirements.  Our old system (Sophos Cloud) we manually exported the logs and they were imnported into the Vault device.