SIEM
Microsoft Sentinel
Forward audit logs to Microsoft Sentinel for cloud-native SIEM and security orchestration.
Overview
Microsoft Sentinel is a cloud-native SIEM and SOAR platform on Azure. OnePAM integrates with Sentinel to forward all access events for correlation with Microsoft 365 and Azure activity. Enable unified security operations across cloud and infrastructure access.
Key Features
Log Analytics workspace integration
CEF/Syslog forwarding support
Azure Event Hub streaming
Custom table ingestion
Built-in detection rules
SOAR playbook triggers
Incident correlation
Azure-native security integration
Use Cases
Unify Azure and infrastructure security
Correlate access with Microsoft 365 events
Automated incident response playbooks
Cloud-native SOC operations
How It Works
Create Data Connector
Configure a custom data connector in Microsoft Sentinel.
Forward Events
Configure event forwarding to a Log Analytics workspace.
Enable Detection
Create analytics rules for access-based threats.