SIEM Integration with Azure Sentinel

Pre-requisites

To begin integrating Enpass with Azure Sentinel, ensure you have the Log Analytics Workspace for Enpass (Azure Sentinel Documentation) and its following details:

• Workspace ID
• Primary Key

Configure Enpass Admin Console to Send Event Logs to Azure Sentinel

1. Log in to Enpass Admin Console
2. Go to Settings > Event Logs.
   
3. Go to Configure button under SIEM Integration Section.
   
4. Select Azure Sentinel and Continue.
   
5. Enter the previously acquired Workspace ID and Primary Key.
   
6. Now Click Verify & Save.

Related topics

• Getting started with Event Logs
• Microsoft Documentation – Azure Sentinel Quickstart
• Microsoft Documentation – Log Analytics Workspace
• Microsoft Documentation – Connecting Data Sources