⚠️ KnowBe4 Defend
⚠️ Unpublished: This item is from a solution that is not yet published on Azure Marketplace or not installed in Content Hub.
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
| Attribute | Value |
|---|---|
| Connector ID | KnowBe4DefendPolling |
| Publisher | KnowBe4 |
| Used in Solutions | KnowBe4 Defend |
| Collection Method | CCF (Legacy) |
| Connector Definition Files | DefendAPIConnector.json |
| CCF Capabilities | APIKey, Paging |
| Custom Log V1 Tables | Yes 🔶 — ingests into tables with type-suffixed columns |
The KnowBe4 Defend audit connector provides the capability to ingest KnowBe4 Defend Data into Microsoft Sentinel.
Tables Ingested
This connector ingests data into the following tables:
| Table | Transformations | Ingestion API | Lake-Only |
|---|---|---|---|
EgressDefend_CL 🔶 |
? | ✓ | ? |
KnowBe4Defend_CL 🔶 |
? | ✓ | ? |
💡 Tip: Tables with Ingestion API support allow data ingestion via the Azure Monitor Data Collector API, which also enables custom transformations during ingestion.
Permissions
Resource Provider Permissions: - Workspace (Workspace): Read and Write permissions on the Log Analytics workspace are required to enable the data connector.
Custom Permissions: - KnowBe4 API Token: A KnowBe4 API token is required to ingest audit records to Microsoft Sentinel.
Setup Instructions
⚠️ Note: These instructions were automatically generated from the connector's user interface definition file using AI and may not be fully accurate. Please verify all configuration steps in the Microsoft Sentinel portal.
1. Connect KnowBe4 Defend with Microsoft Sentinel
Enter your KnowBe4 Defend API URl, KnowBe4 Domain and API token.
📋 Additional Configuration Step: This connector includes a configuration step of type
APIKey. Please refer to the Microsoft Sentinel portal for detailed configuration options for this step.
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊