Atlassian Beacon Alerts
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
| Attribute | Value |
|---|---|
| Connector ID | AtlassianBeaconAlerts |
| Publisher | DEFEND Ltd. |
| Used in Solutions | Integration for Atlassian Beacon |
| Collection Method | REST Pull API |
| Connector Definition Files | AtlassianBeacon_DataConnector.json |
| Ingestion API | HTTP Data Collector API — Connector definition requires workspace key (SharedKey pattern) |
| Custom Log V1 Tables | Yes 🔶 — ingests into tables with type-suffixed columns |
Atlassian Beacon is a cloud product that is built for Intelligent threat detection across the Atlassian platforms (Jira, Confluence, and Atlassian Admin). This can help users detect, investigate and respond to risky user activity for the Atlassian suite of products. The solution is a custom data connector from DEFEND Ltd. that is used to visualize the alerts ingested from Atlassian Beacon to Microsoft Sentinel via a Logic App.
Tables Ingested
This connector ingests data into the following tables:
| Table | Transformations | Ingestion API | Lake-Only |
|---|---|---|---|
atlassian_beacon_alerts_CL 🔶 |
? | ✓ | ? |
💡 Tip: Tables with Ingestion API support allow data ingestion via the Azure Monitor Data Collector API, which also enables custom transformations during ingestion.
Permissions
Resource Provider Permissions: - Workspace (Workspace): read and write permissions are required. - Keys (Workspace): read permissions to shared keys for the workspace are required. See the documentation to learn more about workspace keys.
Setup Instructions
⚠️ Note: These instructions were automatically generated from the connector's user interface definition file using AI and may not be fully accurate. Please verify all configuration steps in the Microsoft Sentinel portal.
1. Microsoft Sentinel
Navigate to the newly installed Logic App 'Atlassian Beacon Integration'
Navigate to 'Logic app designer'
Expand the 'When a HTTP request is received'
Copy the 'HTTP POST URL'
2. Atlassian Beacon
Login to Atlassian Beacon using an admin account
Navigate to 'SIEM forwarding' under SETTINGS
Paste the copied URL from Logic App in the text box
Click the 'Save' button
3. Testing and Validation
Login to Atlassian Beacon using an admin account
Navigate to 'SIEM forwarding' under SETTINGS
Click the 'Test' button right next to the newly configured webhook
Navigate to Microsoft Sentinel
Navigate to the newly installed Logic App
Check for the Logic App Run under 'Runs history'
Check for logs under the table name 'atlassian_beacon_alerts_CL' in 'Logs'
If the analytic rule has been enabled, the above Test alert should have created an incident in Microsoft Sentinel
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊