Talon Insights

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊

Back to Connectors Index

Attribute Value
Connector ID TalonLogs
Publisher Talon Security
Used in Solutions Talon
Collection Method REST Pull API
Connector Definition Files TalonLogs.json
Ingestion API HTTP Data Collector APIConnector definition requires workspace key (SharedKey pattern)
Custom Log V1 Tables Yes 🔶 — ingests into tables with type-suffixed columns

The Talon Security Logs connector allows you to easily connect your Talon events and audit logs with Microsoft Sentinel, to view dashboards, create custom alerts, and improve investigation.

Tables Ingested

This connector ingests data into the following tables:

Table Transformations Ingestion API Lake-Only
Talon_CL 🔶 ? ?

💡 Tip: Tables with Ingestion API support allow data ingestion via the Azure Monitor Data Collector API, which also enables custom transformations during ingestion.

Permissions

Resource Provider Permissions: - Workspace (Workspace): read and write permissions are required. - Keys (Workspace): read permissions to shared keys for the workspace are required. See the documentation to learn more about workspace keys.

Setup Instructions

⚠️ Note: These instructions were automatically generated from the connector's user interface definition file using AI and may not be fully accurate. Please verify all configuration steps in the Microsoft Sentinel portal.

Please note the values below and follow the instructions here to connect your Talon Security events and audit logs with Microsoft Sentinel. - Workspace ID: WorkspaceId

Note: The value above is dynamically provided when these instructions are presented within Microsoft Sentinel. - Primary Key: PrimaryKey Note: The value above is dynamically provided when these instructions are presented within Microsoft Sentinel.

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊

Back to Connectors Index