Netclean ProActive Incidents
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
| Attribute | Value |
|---|---|
| Connector ID | Netclean_ProActive_Incidents |
| Publisher | NetClean Technologies |
| Used in Solutions | NetClean ProActive |
| Collection Method | REST Pull API |
| Connector Definition Files | Connector_NetClean.json |
| Ingestion API | HTTP Data Collector API — Connector definition requires workspace key (SharedKey pattern) |
| Custom Log V1 Tables | Yes 🔶 — ingests into tables with type-suffixed columns |
This connector uses the Netclean Webhook (required) and Logic Apps to push data into Microsoft Sentinel Log Analytics
Tables Ingested
This connector ingests data into the following tables:
| Table | Transformations | Ingestion API | Lake-Only |
|---|---|---|---|
Netclean_Incidents_CL 🔶 |
? | ✓ | ? |
💡 Tip: Tables with Ingestion API support allow data ingestion via the Azure Monitor Data Collector API, which also enables custom transformations during ingestion.
Permissions
Resource Provider Permissions: - Workspace (Workspace): read and write permissions are required. - Keys (Workspace): read permissions to shared keys for the workspace are required. See the documentation to learn more about workspace keys.
Setup Instructions
⚠️ Note: These instructions were automatically generated from the connector's user interface definition file using AI and may not be fully accurate. Please verify all configuration steps in the Microsoft Sentinel portal.
NOTE: NetClean ProActive uses a Webhook to expose incident data, Azure Logic Apps is used to receive and push data to Log Analytics This might result in additional data ingestion costs. It's possible to test this without Logic Apps or NetClean Proactive see option 2 - Workspace ID:
WorkspaceIdNote: The value above is dynamically provided when these instructions are presented within Microsoft Sentinel. - Primary Key:PrimaryKeyNote: The value above is dynamically provided when these instructions are presented within Microsoft Sentinel.
1. Option 1: Logic app
- Create a new logic app Use When a HTTP request is recived as the Trigger and save it. It will now have generated a URL that can be used in the ProActive webconsole configuration. Add an action: Select the Azure Log Analytics Data Collector and choose Send Data Enter Connection Name, Workspace ID and Workspace Key, you will find the information needed in your Log Analytics workspace under Settings-->Agents-->Log Analytics agent instructions. In JSON Request body add @triggerBody(). in Custom Log Name add Netclean_Incidents.
2. Option 2 (Testing only)
Ingest data using a api function. please use the script found on https://learn.microsoft.com/en-us/azure/azure-monitor/logs/data-collector-api?tabs=powershell Replace the CustomerId and SharedKey values with your values Replace the content in $json variable to the sample data found here: https://github.com/Azure/Azure-Sentinel/blob/master/Sample%20Data/Custom/Netclean_Incidents_CL.json . Set the LogType varible to Netclean_Incidents_CL Run the script
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊