Description
If you're using Azure Sentinel as a SIEM integration, you have the option to integrate that with ConcealBrowse. This allows metrics and data collected by Conceal can be seamlessly transferred into Azure Sentinel. This article will guide you through integrating Azure Sentinel with ConcealBrowse.
Before you begin:
In your Azure Sentinel instance you will need to create a Workspace ID and an API Key to enter to the Conceal dashboard.
- Open your workspace in the Azure portal
- Then select Agents management, click arrow to expand Log Analytics agent instructions. This is where you will find the parameters needed - Workspace ID and API Key.
Procedure
- Navigate within a web browser to https://dashboard.conceal.io and login if necessary.
- Click on the section labeled Integrations on the left hand menu.
- Select the SIEM / SOAR tab, locate the Azure Sentinel tile and click the button labeled Configure.
- You will need to copy your Azure Workspace ID and your Azure Sentinel Shared API Key from your Azure Sentinel instance and paste in the appropriate fields in the Conceal dashboard. Click the Enabled checkbox, Save Settings, Close.
- The plugin should now show Enabled meaning you have Azure Sentinel configured with ConcealBrowse and the data from Conceal dashboard should push into your Azure Sentinel instance.
If you run into issues, your firewall could be blocking certain IP addresses needed to send the data. Whitelist the following IP addresses if necessary:
18.214.63.36, 44.214.127.25, 44.209.215.8, 3.233.223.50, 34.232.55.106, 52.86.27.48, 3.216.48.116
*Never hesitate to contact your Customer Success Manager for any questions or concerns. You may also open a support ticket at support.conceal.io by scrolling to the bottom and clicking Submit a request.
Related to:
Was this article helpful?
Articles in this section
- Setting up Alerts through ConcealBrowse
- ConcealBrowse & Crowdstrike Solutions Brief
- Integrating SentinelOne Singularity with ConcealBrowse
- Fortinet FortiGate integration with ConcealBrowse
- Integrating Wazuh with ConcealBrowse
- Integrating Syslog with ConcealBrowse
- Integrating Azure Sentinel with ConcealBrowse
- Integrating Devo with ConcealBrowse
- AlienVault integration with ConcealBrowse
- Enabling SIEM integrations through Webhooks