New Blog Post | Azure Sentinel Side-by-Side with Splunk via EventHub

Microsoft

Azure Sentinel Side-by-Side with Splunk via EventHub - Microsoft Tech Community

This blog describes how to use the Splunk app Splunk Add-on for Microsoft Cloud Services in a Side-by-Side architecture with Azure Sentinel. For the integration, an Azure Logic App will be used to stream Azure Sentinel incidents to Azure Event Hub. From there, the Azure Sentinel incidents can be ingested into Splunk.
