The FortiNDR Cloud solution for Microsoft Sentinel allows users to incorporate the network telemetry data collected and analyzed by FortiNDR Cloud into their Sentinel deployment.

The solution provides two types of inputs: Detections and Events (include Suricata and Observations). Events and associated metadata can be retrieved by the data connector using Metastream AWS S3 REST API, and store in Azure Log Analytics workspaces.

The solution also includes Parsers and Workbooks to help organizations to drive deeper and more efficient investigations.

To learn more about the solution, please refer to FortiNDR Cloud user guide