ExtraHop RevealX for Microsoft Sentinel

Solution: ExtraHop


| Attribute | Value |
|---|---|
| Publisher | ExtraHop Support |
| Support Tier | Partner |
| Support Link | https://www.extrahop.com/customer-support |
| Categories | domains |
| Version | 3.0.2 |
| Author | Shwetha Somashekar - shwethas@extrahop.com |
| First Published | 2025-02-11 |
| Last Updated | 2025-10-15 |
| Solution Folder | ExtraHop |
| Marketplace | Azure Marketplace · Popularity: 🔵 Medium (71%) |

Configure the ExtraHop Detection Data Connector to send ExtraHop detection data to Microsoft Sentinel. An ExtraHop workbook and analytic rules, available from the Microsoft Sentinel workspace, let you gain insight into detections and generate detection alerts.

Data Connectors

This solution provides 1 data connector(s):

Tables Used

This solution uses 1 table(s):

| Table | Used By Connectors | Used By Content |
|---|---|---|
| ExtraHop_Detections_CL | ExtraHop Detections Data Connector | Analytics, Workbooks |

Internal Tables

The following 1 table(s) are used internally by this solution's content items:

| Table | Used By Connectors | Used By Content |
|---|---|---|
| SecurityAlert | - | Workbooks |

Content Items

This solution includes 3 content item(s):

| Content Type | Count |
|---|---|
| Analytic Rules | 1 |
| Workbooks | 1 |
| Parsers | 1 |

Analytic Rules

| Name | Severity | Tactics | Tables Used |
|---|---|---|---|
| Generate alerts based on ExtraHop detections recommended for triage | Medium | Persistence | ExtraHop_Detections_CL |

Workbooks

| Name | Tables Used |
|---|---|
| ExtraHopDetectionsOverview | ExtraHop_Detections_CL; internal use: SecurityAlert |

Parsers

| Name | Description | Tables Used |
|---|---|---|
| ExtraHopDetections | - | ExtraHop_Detections_CL (read) |

Release Notes

| Version | Date Modified (DD-MM-YYYY) | Change History |
|---|---|---|
| 3.0.2 | 21-04-2026 | Add Log Ingestion API Support. |
| 3.0.1 | 04-06-2025 | Updated Parser and Workbook to fix issue. |
| 3.0.0 | 19-03-2025 | Initial Solution Release. |
