TacitRed Compromised Credentials
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊
| Attribute | Value |
|---|---|
| Connector ID | TacitRedThreatIntel |
| Publisher | TacitRed |
| Used in Solutions | TacitRedThreatIntelligence |
| Collection Method | CCF |
| Connector Definition Files | TacitRed_ConnectorDefinition.json |
| DCR Definition Files | TacitRed_DCR.json |
| CCF Configuration | TacitRed_PollerConfig.json |
| CCF Capabilities | APIKey, Paging |
| Custom Log V1 Tables | Yes 🔶 — ingests into tables with type-suffixed columns |
| Microsoft Learn | View on Learn |
Ingest compromised credential findings from TacitRed using the Common Connector Framework (CCF).
Tables Ingested
This connector ingests data into the following tables:
| Table | Transformations | Ingestion API | Lake-Only |
|---|---|---|---|
TacitRed_Findings_CL 🔶 |
✗ | ✓ | ✗ |
💡 Tip: Tables with Ingestion API support allow data ingestion via the Azure Monitor Data Collector API, which also enables custom transformations during ingestion.
Permissions
Resource Provider Permissions:
- Workspace (Workspace): Read and write permissions required
Custom Permissions:
- TacitRed API Key: API key stored in Azure Key Vault or provided at deployment time.
Setup Instructions
⚠️ Note: These instructions were automatically generated from the connector's user interface definition file using AI and may not be fully accurate. Please verify all configuration steps in the Microsoft Sentinel portal.
1. Connect TacitRed Compromised Credentials
To enable the TacitRed connector, provide your API key below and click Connect.
- TacitRed API Key: (password field)
- Click 'Connect' to establish connection
For enhanced security, you can enable Key Vault integration to store and retrieve the API key.
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊