SIEM Integration with Azure Sentinel
Pre-requisites
To begin integrating Enpass with Azure Sentinel, ensure you have the Log Analytics Workspace for Enpass (Azure Sentinel Documentation) and its following details:
- Workspace ID
- Primary Key
Configure Enpass Admin Console to Send Event Logs to Azure Sentinel
- Log in to Enpass Admin Console
- Go to Settings > Event Logs.
- Go to Configure button under SIEM Integration Section.
- Select Azure Sentinel and Continue.
- Enter the previously acquired Workspace ID and Primary Key.
- Now Click Verify & Save.