SIEM Integration with Azure Sentinel

Pre-requisites

To begin integrating Enpass with Azure Sentinel, ensure you have the Log Analytics Workspace for Enpass (Azure Sentinel Documentation) and its following details:

  • Workspace ID
  • Primary Key

Configure Enpass Admin Console to Send Event Logs to Azure Sentinel

  1. Log in to Enpass Admin Console
  2. Go to Settings > Event Logs.
    Console-to-Send-Event-Logs-to-Azure-Sentinel
  3. Go to Configure button under SIEM Integration Section.
    Configure-button-under-SIEM-Integration-Section
  4. Select Azure Sentinel and Continue.
    Azure-Sentinel-and-Continue
  5. Enter the previously acquired Workspace ID and Primary Key.
    previously-acquired-Workspace-ID-and-Primary-Key
  6. Now Click Verify & Save.

 


Related topics