Analytics Events for Citrix Analytics

%3CLINGO-SUB%20id%3D%22lingo-sub-2542491%22%20slang%3D%22en-US%22%3EAnalytics%20Events%20for%20Citrix%20Analytics%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2542491%22%20slang%3D%22en-US%22%3E%3CP%3EHi%20All%2C%3C%2FP%3E%3CP%3EJust%20want%20to%20understand%20if%20there%20are%20any%20analytics%20events%20that%20we%20can%20create%20for%20Citrix%20Analytics%20data%20that%20is%20flowing%20into%20Sentinel.%3C%2FP%3E%3CP%3EThanks%3C%2FP%3E%3CP%3ERaju%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2542800%22%20slang%3D%22en-US%22%3ERE%3A%20Analytics%20Events%20for%20Citrix%20Analytics%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2542800%22%20slang%3D%22en-US%22%3EYou%20can%20use%20the%20Citrix%20Connector%20-%20Next%20Steps%20page%20and%20the%20%22query%20samples%22%20or%20the%20provided%20Workbook%20as%20the%20basis%20for%20your%20Alert%20queries%20for%20this%20connector.%20I%20don't%20believe%20there%20are%20any%20other%20examples%20in%20the%20portal%20or%20in%20Github.%3C%2FLINGO-BODY%3E
Occasional Contributor

Hi All,

Just want to understand if there are any analytics events that we can create for Citrix Analytics data that is flowing into Sentinel.

Thanks

Raju

 

3 Replies
You can use the Citrix Connector - Next Steps page and the "query samples" or the provided Workbook as the basis for your Alert queries for this connector. I don't believe there are any other examples in the portal or in Github.
Thanks Clive for the response.
I wonder if this used widely I mean integration of Citrix Analytics to Sentinel.
Sorry I cant answer that, but maybe you can submit a contribution to start the community for Rules for this data? https://github.com/Azure/Azure-Sentinel#contributing