Forcepoint DLP

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊

↑ Back to Solutions Index

---

Attribute	Value
Publisher	Community
Support Tier	Community
Support Link	https://github.com/Azure/Azure-Sentinel/issues
Categories	domains
Version	2.0.1
Author	Forcepoint - isv@email.com
First Published	2022-05-09
Solution Folder	Forcepoint DLP
Marketplace	Azure Marketplace · Popularity: 🔵 Medium (76%)

The Forcepoint DLP (Data Loss Prevention) Solution for Microsoft Sentinel allows you to automatically export DLP incident data from Forcepoint DLP into Microsoft Sentinel in real-time. This enriches visibility into user activities and data loss incidents, enables further correlation with data from Azure workloads and other feeds, and improves monitoring capability with Workbooks inside Microsoft Sentinel.

For more details about this solution refer to integration documentation

Underlying Microsoft Technologies used:

This solution takes a dependency on the following technologies, and some of these dependencies either may be in Preview state or might result in additional ingestion or operational costs:

• Azure Monitor HTTP Data Collector API

Contents

• Data Connectors
• Tables Used
• Content Items

Data Connectors

This solution has 1 discovered data connector(s)⚠️ (not in Solution definition):

• Forcepoint DLP ⚠️ 🔶

🔍 Discovered: This item was discovered by scanning the solution folder but is not listed in the Solution JSON file.

🔶 CLv1: This connector ingests into a table that uses the legacy Custom Log V1 schema format with type-suffixed column names (e.g. _s, _d, _b, _t, _g). Note: identification is based on column name suffixes which are also permitted in CLv2, so this classification may not always be accurate.

Tables Used

This solution uses 1 table(s):

Table	Used By Connectors	Used By Content
ForcepointDLPEvents_CL 🔶	Forcepoint DLP	Workbooks

🔶 CLv1: This table uses the legacy Custom Log V1 schema format with type-suffixed column names (e.g. _s, _d, _b, _t, _g). Note: identification is based on column name suffixes which are also permitted in CLv2, so this classification may not always be accurate.

Content Items

This solution includes 1 content item(s):

Content Type	Count
Workbooks	1

Workbooks

Name	Tables Used
ForcepointDLP	ForcepointDLPEvents_CL

---

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊

↑ Back to Solutions Index