Cisco Umbrella

Azure Sentinel, Microsoft Corporation

Cisco Umbrella

Azure Sentinel, Microsoft Corporation

Cisco Umbrella offers flexible, cloud-delivered security when and how you need it.

Important: This Microsoft Sentinel Solution is currently in public preview. This feature is provided without a service level agreement, and it's not recommended for production workloads. Certain features might not be supported or might have constrained capabilities. For more information, see Supplemental Terms of Use for Microsoft Azure Previews.

Note: There may be known issues pertaining to this Solution, please refer to them before installing.

The Cisco Umbrella solution for Microsoft Sentinel enables you to ingest Cisco Umbrella events stored in Amazon S3 into Microsoft Sentinel using the Amazon S3 REST API.

Underlying Microsoft Technologies used:

This solution takes a dependency on the following technologies, and some of these dependencies either may be in Preview state or might result in additional ingestion or operational costs:

a. Azure Monitor HTTP Data Collector API

b. Azure Functions

Parsers: 1, Workbooks: 1, Analytic Rules: 10, Hunting Queries: 10, Custom Azure Logic Apps Connectors: 4, Playbooks: 4

Learn more about Microsoft Sentinel | Learn more about Solutions