You can connect the Network Traffic Stream with Microsoft Cloud App Security to stream network traffic events to your Cloud App Security instance and create continuous Cloud Discovery reports.
This integration can be used to power Cloud app discovery overview with Jamf traffic log data.
A configured Cloud App Security log collector
A server that can accept syslogs over TLS and uses a certificate signed by an authority (CA) present in the Common CA Database
(If applicable) A firewall that is configured to allow external connections to the configured TCP port from the Network Traffic Stream IP addresses. These addresses are in Advanced Settings on the Network Traffic Stream configuration page in Jamf Security Cloud.
(If applicable) If using client authentication, add https://d2lplv6nxxvwmp.cloudfront.net/ca.pem.zip as a trusted source.
- Configure the Network Traffic Stream to send events to your Cloud App Security instance:
- In Jamf Security Cloud, navigate to .
- Select Network Traffic Stream.
- Add the Server Hostname/IP and the Port configured for your CEF collector VM.
- Click Test Configuration.
- If the configuration is successful, enable the Network Traffic Stream with the toggle button.
- Click Save.
- Follow the instructions for verifying the successful deployment in the Defender for Cloud Apps portal in the Configure automatic log upload using Docker in Azure documentation from Microsoft, and optionally create custom continuous reports.
The network traffic events are sent to your Cloud App Security instance in real time.