Azure Functions

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊

Back to Methods Index

Azure Functions-based connectors use serverless functions to pull data from external APIs and ingest it into Microsoft Sentinel. These connectors are commonly used for third-party SaaS applications and cloud services that provide REST APIs.

Documentation

Statistics

Metric Count
Total Connectors 139
Active 103
Deprecated 🚫 28
Unpublished ⚠️ 8

Connectors Using This Method

Active Connectors

Connector Publisher Tables Solution
1Password 1Password 1 1Password
AbnormalSecurity 🔶 AbnormalSecurity 2 AbnormalSecurity
Agari Phishing Defense and Brand Protection ⚠️ 🔶 Agari 3 Agari
AliCloud AliCloud 1 Alibaba Cloud
Armis Activities Armis 1 Armis
Armis Alerts Armis 1 Armis
Armis Alerts Activities Armis 2 Armis
Armis Devices Armis 1 Armis
Armorblox 🔶 Armorblox 1 Armorblox
BeyondTrust PM Cloud BeyondTrust 2 BeyondTrustPMCloud
Bitglass 🔶 Bitglass 1 Bitglass
Bitsight data connector BitSight Technologies, Inc. 11 BitSight
Bloodhound Enterprise SpecterOps 1 BloodHound Enterprise
Cisco Cloud Security 🔶 Cisco 12 CiscoUmbrella
Cisco Cloud Security (using elastic premium plan) 🔶 Cisco 12 CiscoUmbrella
Cisco Duo Security 🔶 Cisco 1 CiscoDuoSecurity
Cisco ETD 🔶 Cisco 1 Cisco ETD
Cofense Intelligence Threat Indicators Ingestion ⚠️ 🔶 Cofense 2 CofenseIntelligence
Cofense Triage Threat Indicators Ingestion ⚠️ 🔶 Cofense 3 CofenseTriage
Cohesity Cohesity 1 CohesitySecurity
CommvaultSecurityIQ Commvault 1 Commvault Security IQ
ContrastADR 🔶 Contrast Security 2 ContrastADR
CrowdStrike Falcon Adversary Intelligence CrowdStrike 1 CrowdStrike Falcon Endpoint Protection
Cyber Blind Spot Integration 🔶 CTM360 1 CTM360
CyberArkAudit CyberArk 1 CyberArkAudit
CyberArkEPM 🔶 CyberArk 1 CyberArkEPM
Cybersixgill Actionable Alerts Cybersixgill 1 Cybersixgill-Actionable-Alerts
Cyjax Threat Intelligence IOC Connector ⚠️ Cyjax 1 Cyjax
Dataminr Pulse Alerts Data Connector Dataminr 1 Dataminr Pulse
Digital Shadows Searchlight 🔶 Digital Shadows 1 Digital Shadows
ESET Inspect 🔶 ESET Netherlands 1 ESET Inspect
ESET Protect Platform ⚠️ ESET 2 ESET Protect Platform
Exchange Security Insights Online Collector 🔶 Microsoft 1 Microsoft Exchange Security - Exchange Online
ExtraHop Detections Data Connector ExtraHop 1 ExtraHop
Fortinet FortiNDR Cloud 🔶 Fortinet 3 Fortinet FortiNDR Cloud
GitHub (using Webhooks) Microsoft 1 GitHub
GitHub (using Webhooks) V2 🔶 Microsoft 2 GitHub
GreyNoise Threat Intelligence GreyNoise, Inc. and BlueCycle LLC 1 GreyNoiseThreatIntelligence
HackerView Intergration 🔶 CTM360 1 CTM360
Holm Security Asset Data 🔶 Holm Security 2 HolmSecurity
HYAS Protect 🔶 HYAS 1 HYAS Protect
Illumio SaaS Illumio 2 IllumioSaaS
Imperva Cloud WAF 🔶 Imperva 3 ImpervaCloudWAF
Infoblox Data Connector via REST API 🔶 Infoblox 18 Infoblox
IPinfo Abuse Data Connector IPinfo 1 IPinfo
IPinfo ASN Data Connector IPinfo 1 IPinfo
IPinfo Carrier Data Connector IPinfo 1 IPinfo
IPinfo Company Data Connector IPinfo 1 IPinfo
IPinfo Core Data Connector IPinfo 1 IPinfo
IPinfo Country ASN Data Connector IPinfo 1 IPinfo
IPinfo Domain Data Connector IPinfo 1 IPinfo
IPinfo Iplocation Data Connector IPinfo 1 IPinfo
IPinfo Iplocation Extended Data Connector IPinfo 1 IPinfo
IPinfo Plus Data Connector IPinfo 1 IPinfo
IPinfo Privacy Data Connector IPinfo 1 IPinfo
IPinfo Privacy Extended Data Connector IPinfo 1 IPinfo
IPinfo ResProxy Data Connector IPinfo 1 IPinfo
IPinfo RIRWHOIS Data Connector IPinfo 1 IPinfo
IPinfo RWHOIS Data Connector IPinfo 1 IPinfo
IPinfo WHOIS ASN Data Connector IPinfo 1 IPinfo
IPinfo WHOIS MNT Data Connector IPinfo 1 IPinfo
IPinfo WHOIS NET Data Connector IPinfo 1 IPinfo
IPinfo WHOIS ORG Data Connector IPinfo 1 IPinfo
IPinfo WHOIS POC Data Connector IPinfo 1 IPinfo
JoeSandboxThreatIntelligence Joe Security LLC 1 JoeSandbox
Lookout Cloud Security for Microsoft Sentinel 🔶 Lookout 1 Lookout Cloud Security Platform for Microsoft Sentinel
Lumen Defender Threat Feed Data Connector V2 Lumen Technologies, Inc. 1 Lumen Defender Threat Feed
Lumen Defender Threat Feed Data Connector V2 (using Azure Functions Flex Consumption Plan with Private Networking) Lumen Technologies, Inc. 1 Lumen Defender Threat Feed
Luminar IOCs and Leaked Credentials Cognyte Technologies Israel Ltd 1 CognyteLuminar
Mimecast Audit 🔶 Mimecast 2 Mimecast
Mimecast Awareness Training Mimecast 4 Mimecast
Mimecast Cloud Integrated Mimecast 1 Mimecast
Mimecast Secure Email Gateway Mimecast 2 Mimecast
Mimecast Targeted Threat Protection 🔶 Mimecast 6 Mimecast
MongoDB Atlas Logs MongoDB 1 MongoDBAtlas
MuleSoft Cloudhub 🔶 MuleSoft 1 Mulesoft
Netskope 🔶 Netskope 1 Netskope
Netskope Data Connector 🔶 Netskope 17 Netskopev2
Netskope Web Transactions Data Connector 🔶 Netskope 2 Netskopev2
NordPass NordPass 1 NordPass
Open Systems Data Connector 🔶 Open Systems 4 Open Systems
PDNS Block Data Connector ⚠️ 🔶 Nominet 1 PDNS Block Data Connector
Qualys VM KnowledgeBase 🔶 Qualys 2 Qualys VM Knowledgebase
Rapid7 Insight Platform Vulnerability Management Reports 🔶 Rapid7 2 Rapid7InsightVM
Rubrik Security Cloud data connector 🔶 Rubrik, Inc 4 RubrikSecurityCloud
SailPoint IdentityNow 🔶 SailPoint 2 SailPointIdentityNow
SecurityScorecard Cybersecurity Ratings 🔶 SecurityScorecard 1 SecurityScorecard Cybersecurity Ratings
SecurityScorecard Factor 🔶 SecurityScorecard 1 SecurityScorecard Cybersecurity Ratings
SecurityScorecard Issue 🔶 SecurityScorecard 1 SecurityScorecard Cybersecurity Ratings
Semperis Lightning Logs Semperis 7 SemperisLightning
SlashNext Function App 🔶 SlashNext 2 SlashNext
Team Cymru Scout Data Connector Team Cymru Scout 14 Team Cymru Scout
Tenable Vulnerability Management Tenable 5 Tenable App
Tenable.io Vulnerability Management 🔶 Tenable 2 TenableIO
TheHive Project - TheHive 🔶 TheHive Project 1 TheHive
Transmit Security Connector 🔶 TransmitSecurity 1 TransmitSecurity
Trend Micro Cloud App Security 🔶 Trend Micro 1 Trend Micro Cloud App Security
Trend Vision One 🔶 Trend Micro 4 Trend Micro Vision One
Upwind Logs Loader (Ingestion API) ⚠️ Upwind 1 Upwind
Varonis SaaS 🔶 Varonis 1 VaronisSaaS
Vectra XDR Vectra 6 Vectra XDR
Veeam Data Connector (using Azure Functions) Veeam 6 Veeam
VirtualMetric Director Proxy VirtualMetric 1 VirtualMetric DataStream
VMRayThreatIntelligence VMRay 1 VMRay
VMware SD-WAN and SASE Connector ⚠️ VMware by Broadcom 4 VMware SASE
WithSecure Elements API (Azure Function) WithSecure 1 WithSecureElementsViaFunction
Wiz 🔶 Wiz 6 Wiz
Workplace from Facebook Facebook 1 Workplace from Facebook
XBOW Security Platform (via Azure Function) XBOW 3 XBOW
ZeroFox CTI 🔶 ZeroFox 20 ZeroFox
Zoom Reports Zoom 1 ZoomReports

Deprecated Connectors 🚫

Connector Publisher Tables Solution
🚫 [Deprecated] Atlassian Confluence Audit Atlassian 1 AtlassianConfluenceAudit
🚫 [DEPRECATED] Atlassian Jira Audit (using Azure Function) Atlassian 2 AtlassianJiraAudit
🚫 [DEPRECATED] Auth0 Logs (using Azure Function) Auth0 1 Auth0
🚫 [DEPRECATED] Box Events (using Azure Function) Box 2 Box
🚫 [DEPRECATED] Cisco Secure Endpoint (AMP) Cisco 1 Cisco Secure Endpoint
🚫 [DEPRECATED] Cloudflare Cloudflare 1 Cloudflare
🚫 [DEPRECATED] CrowdStrike Falcon Data Replicator (CrowdStrike Managed AWS-S3) (using Azure Function) Crowdstrike 15 CrowdStrike Falcon Endpoint Protection
🚫 [DEPRECATED] Google ApigeeX Google 1 Google Apigee
🚫 [DEPRECATED] Google Cloud Platform Cloud Monitoring Google 1 Google Cloud Platform Cloud Monitoring
🚫 [DEPRECATED] Google Cloud Platform DNS Google 1 GoogleCloudPlatformDNS
🚫 [DEPRECATED] Google Cloud Platform IAM Google 1 GoogleCloudPlatformIAM
🚫 [DEPRECATED] Google Workspace (G Suite) Google 22 GoogleWorkspaceReports
🚫 [DEPRECATED] Lookout Lookout 1 Lookout
🚫 [DEPRECATED] Okta Single Sign-On (using Azure Function) Okta 1 Okta Single Sign-On
🚫 [DEPRECATED] OneLogin IAM Platform OneLogin 3 OneLoginIAM
🚫 [DEPRECATED] Oracle Cloud Infrastructure Oracle 1 Oracle Cloud Infrastructure
🚫 [DEPRECATED] Palo Alto Prisma Cloud CSPM Palo Alto 2 PaloAltoPrismaCloud
🚫 [Deprecated] Proofpoint On Demand Email Security Proofpoint 6 Proofpoint On demand(POD) Email Security
🚫 [Deprecated] Proofpoint TAP Proofpoint 4 ProofPointTap
🚫 [DEPRECATED] Qualys Vulnerability Management Qualys 2 QualysVM
🚫 [DEPRECATED] Salesforce Service Cloud Salesforce 2 Salesforce Service Cloud
🚫 [DEPRECATED] SentinelOne (using Azure Function) SentinelOne 6 SentinelOne
🚫 [DEPRECATED] Slack Audit Slack 3 SlackAudit
🚫 [DEPRECATED] Snowflake Snowflake 1 Snowflake
🚫 [DEPRECATED] Sophos Endpoint Protection (using Azure Function) Sophos 1 Sophos Endpoint Protection
🚫 [DEPRECATED] VMware Carbon Black Cloud (using Azure Function) VMware 3 VMware Carbon Black Cloud
🚫 Mimecast Intelligence for Microsoft - Microsoft Sentinel Mimecast 1 MimecastTIRegional
🚫 Mimecast Secure Email Gateway Mimecast 2 MimecastSEG

🚫 Deprecated: This connector has been deprecated and may be removed in future versions.

⚠️ Unpublished: This item is from a solution that is not yet published on Azure Marketplace or not installed in Content Hub.

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊

Back to Methods Index