Codeless Connector Framework (CCF)

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊

↑ Back to Methods Index

The Codeless Connector Framework (CCF) enables creating data connectors using a declarative JSON configuration without writing code. CCF connectors can poll REST APIs, process responses, and ingest data into custom log tables. This framework is used for many modern Microsoft Sentinel connectors.

Documentation

Statistics

Metric	Count
Total Connectors	185
Active	149
Deprecated 🚫	1
Unpublished ⚠️	35

Connectors Using This Method

Active Connectors

Connector	Publisher	Tables	Solution
Dragos Notifications via Cloud Sitestore	Dragos	1	Dragos
1Password (Serverless)	1Password	1	1Password
Airlock Digital connector (via Codeless Connector Framework)	Microsoft	3	AirlockDigital
Akamai Guardicore ⚠️	Akamai	4	Akamai Guardicore
Alibaba Cloud ActionTrail (via Codeless Connector Framework)	Microsoft	1	Alibaba Cloud ActionTrail
Alibaba Cloud Networking Data Connector (via Codeless Connector Framework)	Microsoft	1	Alibaba Cloud Networking
Amazon Web Services CloudFront (via Codeless Connector Framework) (Preview) ➕	Microsoft	1	AWS CloudFront
Amazon Web Services Elastic Load Balancing (via Codeless Connector Framework)	Amazon Web Services	6	AWS ELB
Amazon Web Services NetworkFirewall (via Codeless Connector Framework) ➕	Microsoft	3	Amazon Web Services NetworkFirewall
Amazon Web Services S3 DNS Route53 (via Codeless Connector Framework) ➕	Microsoft	1	Amazon Web Services Route 53
Amazon Web Services S3 VPC Flow Logs ⚠️ ➕	Microsoft	1	AWS VPC Flow Logs
Amazon Web Services S3 WAF ➕	Microsoft	1	Amazon Web Services
Anvilogic	Anvilogic	1	Anvilogic
Atlassian Confluence ⚠️	Atlassian	1	AtlassianConfluenceAudit
Atlassian Confluence Audit (via Codeless Connector Framework)	Microsoft	1	AtlassianConfluenceAudit
Atlassian Jira Audit (via Codeless Connector Framework)	Microsoft	1	AtlassianJiraAudit
Auth0 Logs (via Codeless Connector Framework)	Microsoft	1	Auth0
AWS EKS Data Connector (via Codeless Connector Framework)	Amazon Web Services	1	AWS EKS
AWS S3 Server Access Logs (via Codeless Connector Framework) ➕	Microsoft	1	AWS_AccessLogs
AWS Security Hub Findings (via Codeless Connector Framework) ➕	Microsoft	1	AWS Security Hub
Azure DevOps Audit Logs (via Codeless Connector Platform)	Microsoft	1	AzureDevOpsAuditing
BigID DSPM connector	BigID	2	BigID
BitSight Security Events (via Codeless Connector Framework)	Microsoft	3	BitSight
BitSight Security Statistics (via Codeless Connector Framework)	Microsoft	8	BitSight
Bitwarden Event Logs	Bitwarden Inc	3	Bitwarden
Box Events (via Codeless Connector Framework)	Microsoft	1	Box
Check Point CloudGuard CNAPP Connector for Microsoft Sentinel	CheckPoint	1	Check Point CloudGuard CNAPP
Check Point Cyberint Alerts Connector (via Codeless Connector Platform)	Checkpoint Cyberint	1	Check Point Cyberint Alerts
Check Point Cyberint IOC Connector	Checkpoint Cyberint	1	Check Point Cyberint IOC
Cisco Email Threat Defense (ETD)	Cisco	1	Cisco ETD
Cisco Meraki (using REST API) ➕	Microsoft	3	Cisco Meraki Events via REST API
Cisco Meraki (using REST API) ➕	Microsoft	3	CiscoMeraki
Cisco Secure Endpoint (via Codeless Connector Framework)	Microsoft	2	Cisco Secure Endpoint
Cisco Umbrella (via Codeless Connector Framework)	Cisco	10	CiscoUmbrella
Cloudflare (Using Blob Container) (via Codeless Connector Framework)	Microsoft	1	Cloudflare
Cortex XDR - Incidents	DEFEND Ltd.	1	Cortex XDR
CrowdStrike API Data Connector (via Codeless Connector Framework)	Microsoft	5	CrowdStrike Falcon Endpoint Protection
CrowdStrike Falcon Data Replicator (AWS S3) (via Codeless Connector Framework)	Microsoft	10	CrowdStrike Falcon Endpoint Protection
CTM360 CyberBlindSpot (Serverless)	CTM360	6	CTM360
CTM360 HackerView (Serverless)	CTM360	1	CTM360
CyberArk Audit	Microsoft	1	CyberArkAudit
CyberArk EPM	CyberArk	?	CyberArkEPM
Cyble Vision Alerts	Cyble	1	Cyble Vision
Cyera DSPM Microsoft Sentinel Data Connector	Cyera Inc	5	CyeraDSPM
CYFIRMA Attack Surface	Microsoft	6	Cyfirma Attack Surface
CYFIRMA Brand Intelligence	Microsoft	5	Cyfirma Brand Intelligence
CYFIRMA Compromised Accounts	Microsoft	1	Cyfirma Compromised Accounts
CYFIRMA Cyber Intelligence	Microsoft	4	Cyfirma Cyber Intelligence
CYFIRMA Digital Risk	Microsoft	7	Cyfirma Digital Risk
CYFIRMA Vulnerabilities Intelligence	Microsoft	1	Cyfirma Vulnerabilities Intel
Cyren Threat Intelligence 🔶	Cyren	1	CyrenThreatIntelligence
D3 Smart SOAR Incidents	D3 Security	1	D3SmartSOAR
Druva Events Connector	Microsoft	3	DruvaDataSecurityCloud
Dynamics 365 Finance and Operations	Microsoft	1	Microsoft Business Applications
Dynatrace Attacks V1	Dynatrace	2	Dynatrace
Dynatrace Attacks V2	Dynatrace	1	Dynatrace
Dynatrace Audit Logs V1	Dynatrace	2	Dynatrace
Dynatrace Audit Logs V2	Dynatrace	1	Dynatrace
Dynatrace Problems V1	Dynatrace	2	Dynatrace
Dynatrace Problems V2	Dynatrace	1	Dynatrace
Dynatrace Runtime Vulnerabilities V1	Dynatrace	2	Dynatrace
Dynatrace Runtime Vulnerabilities V2	Dynatrace	1	Dynatrace
Egress Defend ⚠️ 🔶	Egress Software Technologies	2	Egress Defend
Egress Iris Connector 🔶	Egress Software Technologies	3	Egress Iris
Elastic Agent (via Codeless Connector Framework)	Microsoft	1	ElasticAgent
Ermes Browser Security Events	Ermes Cyber Security S.p.A.	1	Ermes Browser Security
Feedly IoC 🔶	Feedly	1	Feedly
Field Effect MDR Data Connector (via Codeless Connector Framework) ⚠️	Field Effect	1	FieldEffectMDR
Filewall for Microsoft 365 ⚠️	Filewall	2	Filewall for Microsoft 365
Fortra Agari Data Connector (via Codeless Connector Framework)	Microsoft	5	Agari
GCP Cloud Run (via Codeless Connector Framework)	Microsoft	1	Google Cloud Platform Cloud Run
GCP Cloud SQL (via Codeless Connector Framework)	Microsoft	1	GoogleCloudPlatformSQL
GCP Pub/Sub Audit Logs ➕	Microsoft	1	Google Cloud Platform Audit Logs
GCP Pub/Sub Audit Logs ⚠️ ➕	Microsoft	1	Google Cloud Platform Audit Logs
GCP Pub/Sub Firewall Logs	Microsoft	1	Google Cloud Platform Firewall Logs
GCP Pub/Sub Load Balancer Logs (via Codeless Connector Platform).	Microsoft	1	Google Cloud Platform Load Balancer Logs
GCP Pub/Sub VPC Flow Logs (via Codeless Connector Framework)	Microsoft	1	Google Cloud Platform VPC Flow Logs
GitHub Enterprise Audit Log (via Azure Storage)	Microsoft	1	GitHub
GitHub Enterprise Audit Log (via Codeless Connector Framework)	Microsoft	1	GitHub
Google ApigeeX (via Codeless Connector Framework)	Microsoft	1	Google Apigee
Google Cloud Platform CDN (via Codeless Connector Framework)	Microsoft	1	GoogleCloudPlatformCDN
Google Cloud Platform Cloud IDS (via Codeless Connector Framework)	Microsoft	1	GoogleCloudPlatformIDS
Google Cloud Platform Cloud Monitoring (via Codeless Connector Framework)	Microsoft	1	Google Cloud Platform Cloud Monitoring
Google Cloud Platform Compute Engine (via Codeless Connector Framework)	Microsoft	1	Google Cloud Platform Compute Engine
Google Cloud Platform DNS (via Codeless Connector Framework)	Microsoft	1	GoogleCloudPlatformDNS
Google Cloud Platform IAM (via Codeless Connector Framework)	Microsoft	1	GoogleCloudPlatformIAM
Google Cloud Platform NAT (via Codeless Connector Framework)	Microsoft	2	GoogleCloudPlatformNAT
Google Cloud Platform Resource Manager (via Codeless Connector Framework)	Microsoft	1	GoogleCloudPlatformResourceManager
Google Kubernetes Engine (via Codeless Connector Framework)	Microsoft	6	Google Kubernetes Engine
Google Workspace Activities (via Codeless Connector Framework)	Microsoft	1	GoogleWorkspaceReports
Illumio Insights	Microsoft	1	Illumio Insight
Illumio Insights Graph	Illumio	1	Illumio Insight
Illumio Insights Summary	Illumio	1	Illumio Insight
Illumio Saas ⚠️	Microsoft	1	IllumioSaaS
Imperva Cloud WAF (via Codeless Connector Framework)	Microsoft	1	ImpervaCloudWAF
IONIX Security Logs (via Codeless Connector Framework) 🔶	IONIX	1	IONIX
Island Enterprise Browser Admin Events (Legacy)	Island	1	Island
Island Enterprise Browser User Events (Legacy)	Island	1	Island
Island Enterprise Browser V2	Island	3	Island
KnowBe4 Defend ⚠️ 🔶	KnowBe4	2	KnowBe4 Defend
LastPass Enterprise - Reporting (Polling CCP) 🔶	The Collective Consulting BV	1	Lastpass Enterprise Activity Monitoring
Lookout Mobile Threat Detection Connector (via Codeless Connector Framework) (Preview)	Microsoft	1	Lookout
MailRisk by Secure Practice	Secure Practice	1	MailRisk
meshStack Event Logs	meshcloud	1	meshStack
Microsoft 365 Audit.DLP ⚠️	Marko Lauren	1	Microsoft 365 Audit General and DLP
Microsoft 365 Audit.General ⚠️	Marko Lauren	1	Microsoft 365 Audit General and DLP
Microsoft Copilot	Microsoft	1	Microsoft Copilot
Miro Audit Logs (Enterprise Plan)	Miro	1	Miro
Miro Content Logs (Enterprise Plan + Enterprise Guard)	Miro	1	Miro
Morphisec API Data Connector (via Codeless Connector Framework)	Morphisec	1	Morphisec
Mulesoft CloudHub Alerts Connector (via Codeless Connector Framework)	Microsoft	1	Mulesoft
Netskope Alerts and Events (via Codeless Connector Framework)	Netskope	9	Netskopev2
Netskope Web Transaction Connector (via Blob Storage)	Netskope	1	NetskopeWebTx
Okta Single Sign-On (Polling CCP) ⚠️	Okta	1	Okta Single Sign-On
Okta Single Sign-On (via Codeless Connector Framework)	Microsoft	1	Okta Single Sign-On
OneLogin IAM Platform (via Codeless Connector Framework)	Microsoft	2	OneLoginIAM
OpenAI (via Codeless Connector Framework)	Microsoft	2	OpenAI
Oracle Cloud Infrastructure (via Codeless Connector Framework) 🔶	Microsoft	1	Oracle Cloud Infrastructure
Palo Alto Cortex XDR	Microsoft	5	Cortex XDR
Palo Alto Cortex Xpanse (via Codeless Connector Framework)	Microsoft	1	Palo Alto Cortex Xpanse CCF
Palo Alto Prisma Cloud CSPM (via Codeless Connector Framework)	Microsoft	2	PaloAltoPrismaCloud
Palo Alto Prisma Cloud CWPP (using REST API) 🔶	Microsoft	1	Palo Alto Prisma Cloud CWPP
Phosphorus Devices	Phosphorus Inc.	1	Phosphorus
Ping One (via Codeless Connector Framework)	Microsoft	1	PingOne
Proofpoint On Demand Email Security (via Codeless Connector Platform)	Proofpoint	2	Proofpoint On demand(POD) Email Security
Proofpoint TAP (via Codeless Connector Platform)	Proofpoint	4	ProofPointTap
QscoutAppEventsConnector (via Codeless Connector Framework)	Quokka	1	Quokka
Qualys Knowledge Base (via Codeless Connector Framework) 🔶	Microsoft	2	Qualys VM Knowledgebase
Qualys Vulnerability Management (via Codeless Connector Framework)	Microsoft	1	QualysVM
Rapid7 Insight Platform Vulnerability Management Reports (via Codeless Connector Framework)	Microsoft	2	Rapid7InsightVM
RSA ID Plus Admin Logs Connector	RSA	1	RSAIDPlus_AdminLogs_Connector
Rubrik Security Cloud Protection Status (using Codeless Connector Framework)	Rubrik, Inc	1	RubrikSecurityCloud
SailPoint IdentityNow (via Codeless Connector Framework)	Microsoft	1	SailPointIdentityNow
Salesforce Audit Logs (via Codeless Connector Framework)	Microsoft	2	Salesforce Service Cloud
SalesForce Real-Time Event Monitoring Connector (via Codeless Connector Framework)	Microsoft	1	Salesforce Service Cloud
Salesforce Service Cloud (via Codeless Connector Framework)	Microsoft	1	Salesforce Service Cloud
SAP BTP	Microsoft	1	SAP BTP
SAP Enterprise Threat Detection, cloud edition	SAP	2	SAP ETD Cloud
SAP S/4HANA Cloud Public Edition	SAP	1	SAP S4 Cloud Public Edition
SentinelOne (via Codeless Connector Framework)	Microsoft	5	SentinelOne
Seraphic Web Security	Seraphic	1	SeraphicSecurity
Slack ⚠️ 🔶	Slack	1	SlackAudit
SlackAudit (via Codeless Connector Framework)	Microsoft	1	SlackAudit
Snowflake (via Codeless Connector Framework)	Microsoft	10	Snowflake
SOC Prime Platform Audit Logs Data Connector	Microsoft	1	SOC Prime CCF
Sophos Endpoint Protection (via Codeless Connector Platform)	Microsoft	2	Sophos Endpoint Protection
Strider Shield	NVISO	5	Strider Shield
StyxView Alerts (via Codeless Connector Platform) ⚠️	Styx Intelligence	1	Styx Intelligence
TacitRed Compromised Credentials 🔶	TacitRed	1	TacitRedThreatIntelligence
TheHive (via Codeless Connector Framework)	TheHive	1	TheHive
Trellix Endpoint Security (via Codeless Connector Framework)	Microsoft	1	Trellix
Tropico Security - Alerts	Tropico Security	1	Tropico
Tropico Security - Events	Tropico Security	1	Tropico
Tropico Security - Incidents	Tropico Security	1	Tropico
UniFi Site Manager (CCF) ⚠️	Community	4	UniFi Site Manager (CCF)
Utimaco Enterprise Secure Key Manager (ESKM) ⚠️	Utimaco	1	Utimaco Enterprise Secure Key Manager
Vaikora AI Agent Behavioral Signals 🔶	Data443 Risk Mitigation, Inc.	1	Vaikora-Sentinel
Valimail Enforce Configuration Events	Valimail	1	ValimailEnforce
VersasecCms	Versasec AB	2	VersasecCMS
Visa Threat Intelligence ⚠️	Microsoft	1	Visa Threat Intelligence (VTI)
VMware Carbon Black Cloud via AWS S3 (via Codeless Connector Framework)	Microsoft	7	VMware Carbon Black Cloud
VMware Workspace ONE (via Codeless Connector Framework)	Microsoft	2	VMware Workspace ONE
Workday User Activity	Microsoft	1	Workday
Zero Networks Segment Audit	Zero Networks	1	ZeroNetworks
Zero Networks Segment Audit ⚠️	Zero Networks	1	ZeroNetworks
ZeroFox Enterprise - Advanced Dark Web ⚠️	ZeroFox Enterprise	1	ZeroFox Threat Intelligence
ZeroFox Enterprise - Alerts (Polling CCF) 🔶	ZeroFox Enterprise	1	ZeroFox
ZeroFox Enterprise - Botnet ⚠️	ZeroFox Enterprise	1	ZeroFox Threat Intelligence
ZeroFox Enterprise - Botnet Compromised Credentials ⚠️	ZeroFox Enterprise	1	ZeroFox Threat Intelligence
ZeroFox Enterprise - Breaches ⚠️	ZeroFox Enterprise	1	ZeroFox Threat Intelligence
ZeroFox Enterprise - Compromised Credentials ⚠️	ZeroFox Enterprise	1	ZeroFox Threat Intelligence
ZeroFox Enterprise - Credit Cards ⚠️	ZeroFox Enterprise	1	ZeroFox Threat Intelligence
ZeroFox Enterprise - Dark Web ⚠️	ZeroFox Enterprise	1	ZeroFox Threat Intelligence
ZeroFox Enterprise - Discord ⚠️	ZeroFox Enterprise	1	ZeroFox Threat Intelligence
ZeroFox Enterprise - Disruption ⚠️	ZeroFox Enterprise	1	ZeroFox Threat Intelligence
ZeroFox Enterprise - Email Addresses ⚠️	ZeroFox Enterprise	1	ZeroFox Threat Intelligence
ZeroFox Enterprise - Exploits ⚠️	ZeroFox Enterprise	1	ZeroFox Threat Intelligence
ZeroFox Enterprise - Indicators ⚠️	ZeroFox Enterprise	1	ZeroFox Threat Intelligence
ZeroFox Enterprise - Key Incidents ⚠️	ZeroFox Enterprise	1	ZeroFox Threat Intelligence
ZeroFox Enterprise - National IDs ⚠️	ZeroFox Enterprise	1	ZeroFox Threat Intelligence
ZeroFox Enterprise - Physical Threats ⚠️	ZeroFox Enterprise	1	ZeroFox Threat Intelligence
ZeroFox Enterprise - Telegram ⚠️	ZeroFox Enterprise	1	ZeroFox Threat Intelligence
ZeroFox Enterprise - Vulnerabilities ⚠️	ZeroFox Enterprise	1	ZeroFox Threat Intelligence
Zoom Reports Connector (via Codeless Connector Framework)	Microsoft	1	ZoomReports

Deprecated Connectors 🚫

Connector	Publisher	Tables	Solution
🚫 [Deprecated] GitHub Enterprise Audit Log	GitHub	2	GitHub

🚫 Deprecated: This connector has been deprecated and may be removed in future versions.

⚠️ Unpublished: This item is from a solution that is not yet published on Azure Marketplace or not installed in Content Hub.

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊

↑ Back to Methods Index