SOC Prime Platform Audit Logs Data Connector
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊
| Attribute | Value |
|---|---|
| Connector ID | SOCPrimeAuditLogsDataConnector |
| Publisher | Microsoft |
| Used in Solutions | SOC Prime CCF |
| Collection Method | CCF |
| Connector Definition Files | SOCPrime_DataConnectorDefinition.json |
| DCR Definition Files | SOCPrime_DCR.json |
| CCF Configuration | SOCPrime_PollingConfig.json |
| CCF Capabilities | APIKey, Paging |
| Microsoft Learn | View on Learn |
The SOC Prime Audit Logs data connector allows ingesting logs from the SOC Prime Platform API into Microsoft Sentinel. The data connector is built on Microsoft Sentinel Codeless Connector Platform. It uses the SOC Prime Platform API to fetch SOC Prime platform audit logs and it supports DCR-based ingestion time transformations that parses the received security data into a custom table, thus resulting in better performance.
Tables Ingested
This connector ingests data into the following tables:
| Table | Transformations | Ingestion API | Lake-Only |
|---|---|---|---|
SOCPrimeAuditLogs_CL |
✓ | ✓ | ✓ |
💡 Tip: Tables with Ingestion API support allow data ingestion via the Azure Monitor Data Collector API, which also enables custom transformations during ingestion.
Permissions
Resource Provider Permissions:
- Workspace (Workspace): Read and Write permissions are required.
Setup Instructions
⚠️ Note: These instructions were automatically generated from the connector's user interface definition file using AI and may not be fully accurate. Please verify all configuration steps in the Microsoft Sentinel portal.
Configuration steps for the SOC Prime Platform API
Follow the instructions to obtain the credentials. you can also follow this guide to generate personal API key.
Retrieve API Key
- Log in to the SOC Prime Platform
- Click [Account] icon -> [Platform Settings] -> [API]
- Click [Add New Key]
- In the modal that appears give your key a meaningful name, set expiration date and product APIs the key provides access to
- Click on [Generate]
- Copy the key and save it in a safe place. You won't be able to view it again once you close this modal
- SOC Prime API Key: (password field)
- Click 'Connect' to establish connection
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊