SlashNext Function App
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
| Attribute | Value |
|---|---|
| Connector ID | SlashNextFunctionApp |
| Publisher | SlashNext |
| Used in Solutions | SlashNext |
| Collection Method | Azure Function |
| Connector Definition Files | SlashNext_FunctionApp.json |
| Ingestion API | HTTP Data Collector API — Inferred from table column naming patterns (type suffixes) |
| Custom Log V1 Tables | Yes 🔶 — ingests into tables with type-suffixed columns |
The SlashNext function app utilizes python to perform the analysis of the raw logs and returns URLs present in the logs.
Tables Ingested
This connector ingests data into the following tables:
| Table | Selection Criteria | Transformations | Ingestion API | Lake-Only |
|---|---|---|---|---|
AzureDiagnostics 🔶 |
Resource == "SlashnextFunctionApp" |
? | ✗ | ? |
AzureMetrics |
? | ✗ | ? |
Permissions
Resource Provider Permissions: - Storage Account (Storage Account): read, write, and delete permissions on the storage account are required.
Custom Permissions: - Microsoft.Web/sites permissions: Read and write permissions to Azure Functions to create a Function App is required. See the documentation to learn more about Azure Functions. - Microsoft.Web/serverfarms permissions: Read and write permissions to Azure App Service Plan are required to create and manage the App Service Plan. See the documentation to learn more about App Service Plans.
Setup Instructions
⚠️ Note: These instructions were automatically generated from the connector's user interface definition file using AI and may not be fully accurate. Please verify all configuration steps in the Microsoft Sentinel portal.
1. Custom Deployment Using Azure Resource Manager (ARM) Template
Follow these steps to perform custom deployment of the SlashNext function app using ARM template:
- Click this link to open the Microsoft Azure Portal for custom deployment.
- Under the Select a template tab in the Custom deployment section, click Build your own template in the editor.
- Copy the contents of the azuredeploy.json ARM template file from this GitHub repository and paste them into the Edit template section.
- Click the Save button.
- Select the preferred Subscription, Resource Group, and Location.
- Click Create to deploy.
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊