Atlassian Beacon Alerts
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊
| Attribute | Value |
|---|---|
| Connector ID | AtlassianBeaconAlerts |
| Publisher | DEFEND Ltd. |
| Used in Solutions | Integration for Atlassian Beacon |
| Collection Method | REST Pull API |
| Connector Definition Files | AtlassianBeacon_DataConnector.json |
| Ingestion API | HTTP Data Collector API — Connector definition requires workspace key (SharedKey pattern) |
| Custom Log V1 Tables | Yes 🔶 — ingests into tables with type-suffixed columns |
| Microsoft Learn | View on Learn |
Atlassian Beacon is a cloud product that is built for Intelligent threat detection across the Atlassian platforms (Jira, Confluence, and Atlassian Admin). This can help users detect, investigate and respond to risky user activity for the Atlassian suite of products. The solution is a custom data connector from DEFEND Ltd. that is used to visualize the alerts ingested from Atlassian Beacon to Microsoft Sentinel via a Logic App.
Tables Ingested
This connector ingests data into the following tables:
| Table | Transformations | Ingestion API | Lake-Only |
|---|---|---|---|
atlassian_beacon_alerts_CL 🔶 |
✗ | ✓ | ✗ |
💡 Tip: Tables with Ingestion API support allow data ingestion via the Azure Monitor Data Collector API, which also enables custom transformations during ingestion.
Permissions
Resource Provider Permissions:
- Workspace (Workspace): read and write permissions are required.
- Keys (Workspace): read permissions to shared keys for the workspace are required. See the documentation to learn more about workspace keys.
Setup Instructions
⚠️ Note: These instructions were automatically generated from the connector's user interface definition file using AI and may not be fully accurate. Please verify all configuration steps in the Microsoft Sentinel portal.
1. Microsoft Sentinel
- Navigate to the newly installed Logic App 'Atlassian Beacon Integration'
- Navigate to 'Logic app designer'
- Expand the 'When a HTTP request is received'
- Copy the 'HTTP POST URL'
2. Atlassian Beacon
- Login to Atlassian Beacon using an admin account
- Navigate to 'SIEM forwarding' under SETTINGS
- Paste the copied URL from Logic App in the text box
- Click the 'Save' button
3. Testing and Validation
- Login to Atlassian Beacon using an admin account
- Navigate to 'SIEM forwarding' under SETTINGS
- Click the 'Test' button right next to the newly configured webhook
- Navigate to Microsoft Sentinel
- Navigate to the newly installed Logic App
- Check for the Logic App Run under 'Runs history'
- Check for logs under the table name 'atlassian_beacon_alerts_CL' in 'Logs'
- If the analytic rule has been enabled, the above Test alert should have created an incident in Microsoft Sentinel
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊