Forum Discussion
Hemanth_Abbina
Microsoft
MicrosoftAny plan to integrate/send MCAS activity events to Sentinel
Hi,
The current MCAS to Sentinel connector is sending only alerts and discovery logs to Sentinel. Are there any plans to include the MCAS activity logs in the integration ? (The MCAS SIEM connector...
Hello Hemanth,
Are you using PIM for access to MCAS or to Azure Sentinel/Logic Apps?
Because the API token is taken from MCAS this will need to be entered for the Logic Apps connection but for Logic Apps you can use managed identities:
https://docs.microsoft.com/nl-nl/azure/logic-apps/create-managed-service-identity
Are you using PIM for access to MCAS or to Azure Sentinel/Logic Apps?
Because the API token is taken from MCAS this will need to be entered for the Logic Apps connection but for Logic Apps you can use managed identities:
https://docs.microsoft.com/nl-nl/azure/logic-apps/create-managed-service-identity
Hemanth_AbbinaMicrosoft
MicrosoftBemmelenPatrick Thanks for the quick response.
I'm talking about the MCAS API token. The API token created in the MCAS portal is associated with the user created it. If the user's PIM session expires, the API token won't work.
- Hi,
we're experiencing the same problem. I think we will use the Break Glass Account. Does anyone have a better idea?
