Microsoft Sentinel

Overview

Microsoft Sentinel, also known as Azure Sentinel, is a cloud-native security information and event management (SIEM) service offered by Microsoft. It's designed to provide intelligent security analytics at cloud scale for enterprises. Azure Sentinel enables security teams to detect, investigate, and respond to security threats across the organization's entire hybrid environment, including on-premises and multi-cloud environments.

Supported Features

This community integration is built leveraging Saviynt APIs and Azure Functions(Python), for additional details about Saviynt APIs visit  API Reference

Saviynt Enterprise Identity Cloud (EIC) generates audit logs that record all actions performed by a user such as changes to SAV roles, global configurations, and connections. These audit logs include the following entries: OBJECT TYPE, OBJECT NAME, ACTION, ATTRIBUTE, ACCESS BY, ACCESS TIME, IP ADDRESS, and MESSAGE. Sentinel Integration based on Azure Functions, periodically ingest these events. 

For details refer to documentation

Support

Community apps are provided "as is" with troubleshooting and usage guidance available for our core frameworks or connectors (REST, SOAP, JDBC, LDAP, PowerShell, Extensions, Connector Framework or APIs). Customers are encouraged to seek support primarily through community channels. This includes Saviynt forums, user groups, and other community-driven platforms where members can share knowledge.

Provider Information 

The connector is built by Saviynt Community Members.

Pricing

This app will count toward the number of apps included in your Saviynt license.