Microsoft Sentinel

Jamf Protect Documentation
Solution
Application
Content Type
Technical Documentation
Utilities & Services
ft:locale
en-US

You can use a Jamf Security Cloud to send event data to Microsoft Sentinel.

Requirements

You need a Microsoft Sentinel subscription and the following information:

  • Microsoft Sentinel Workspace ID

  • Microsoft Sentinel Shared key

  • Azure Domain

  • Microsoft Sentinel Log Name

  1. In Jamf Security Cloud, navigate to Integrations > Data Streams.
  2. Click New configuration.
  3. Select a data stream type.

    For more information about data stream types, see Jamf Security Cloud Data Stream Types and Targets.

  4. Select Microsoft Sentinel as your data stream target type, and then click Continue.
  5. Configure your Microsoft Sentinel data stream:
    1. Enter the Microsoft Sentinel Workspace ID.
    2. Enter the Microsoft Sentinel Shared key.
    3. Choose your domain in the Azure Domain pop-up menu.
    4. Enter the log name in the Microsoft Sentinel Log Name field.
  6. Click Test Configuration.
  7. Use the Enable configuration switch to turn on the data stream.
  8. Click Save.

Events for the data stream type are sent to the configured server in real time.