Flare for Microsoft Sentinel
Solution: Flare
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊
| Attribute | Value |
|---|---|
| Publisher | Flare |
| Support Tier | Partner |
| Support Link | https://flare.io/contact/ |
| Categories | Security - Threat Protection |
| Version | 3.1.0 |
| Author | Flare - support@flare.io |
| First Published | 2021-10-20 |
| Last Updated | 2026-05-21 |
| Solution Folder | Flare |
| Marketplace | Azure Marketplace · Rating: ★★★★★ 5.0/5 (1 ratings) · Popularity: 🟡 Low (42%) |
The Flare Systems Firework solution allows you to receive data and intelligence from Firework on Microsoft Sentinel.
Underlying Microsoft Technologies used:
This solution takes a dependency on the following technologies, and some of these dependencies either may be in Preview state or might result in additional ingestion or operational costs.
a .Azure Monitor HTTP Data Collector API
Contents
Data Connectors
This solution provides 1 data connector(s):
Tables Used
This solution uses 1 table(s):
| Table | Used By Connectors | Used By Content |
|---|---|---|
FireworkV2_CL |
Flare Push Connector | Analytics, Workbooks |
Content Items
This solution includes 12 content item(s):
| Content Type | Count |
|---|---|
| Analytic Rules | 10 |
| Workbooks | 1 |
| Playbooks | 1 |
Analytic Rules
| Name | Severity | Tactics | Tables Used |
|---|---|---|---|
| Flare chat results | Medium | Reconnaissance | FireworkV2_CL |
| Flare cloud bucket results | Medium | Reconnaissance | FireworkV2_CL |
| Flare google dork results | Medium | Reconnaissance | FireworkV2_CL |
| Flare host results | Medium | Reconnaissance | FireworkV2_CL |
| Flare infected device results | Medium | CredentialAccess | FireworkV2_CL |
| Flare leaked credentials results | Medium | CredentialAccess | FireworkV2_CL |
| Flare lookalike domain results | Medium | Reconnaissance | FireworkV2_CL |
| Flare marketplace results | Medium | Reconnaissance | FireworkV2_CL |
| Flare paste results | Medium | Reconnaissance | FireworkV2_CL |
| Flare source code results | Medium | Reconnaissance | FireworkV2_CL |
Workbooks
| Name | Tables Used |
|---|---|
| FlareSystemsFireworkOverview | FireworkV2_CL |
Playbooks
| Name | Description | Tables Used |
|---|---|---|
| credential-warning | **This playbook is deprecated and will be replaced in a future update. Functionality may be limited ... | - |
Release Notes
Release Notes
Release notes are available starting from version 2.2.0. Earlier versions did not have published release notes.
| Version | Date Modified (DD-MM-YYYY) | Change History |
|---|---|---|
| 3.1.0 | 21-04-2026 | Updated Analytic Rules and Workbooks queries to be more accurate. Added three new Analytic Rules and removed one. |
| 3.0.0 | 15-12-2025 | New CFF connector that replaces deprecated Rest API connector. New Polling config for CFF connector. New DCR config for CFF connector. Added Table definition for FireworkV2_CL. Fixed Analytic Rules to handle missing columns using column_ifexists().Added ReleaseNotes.md file. |
| 1.0.0 | 21-10-2021 | Initial Solution Release. |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊