HTTP Data Collector API (Legacy)

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊

Back to Methods Index

The HTTP Data Collector API (also known as the Log Analytics Data Collector API) is the legacy method for sending custom log data to Azure Monitor Logs. It uses workspace shared keys for authentication and writes to custom log tables with the _CL suffix. Note: This API is deprecated in favor of the Logs Ingestion API and will be retired on September 14, 2026.

Documentation

Statistics

Metric Count
Total Connectors 142
Active 104
Deprecated 🚫 29
Unpublished ⚠️ 9

By Collection Method

Collection Method Count
Azure Function 87
REST Pull API 55
Total 142

Connectors Using This API

Active Connectors

Connector Collection Method Publisher Tables Solution
AbnormalSecurity 🔶 Azure Function AbnormalSecurity 2 AbnormalSecurity
Agari Phishing Defense and Brand Protection ⚠️ 🔶 Azure Function Agari 3 Agari
AIShield REST Pull API Bosch 1 AIShield AI Security Monitoring
AliCloud Azure Function AliCloud 1 Alibaba Cloud
API Protection 🔶 REST Pull API 42Crunch 1 42Crunch API Protection
ARGOS Cloud Security 🔶 REST Pull API ARGOS Cloud Security 1 ARGOSCloudSecurity
Armorblox 🔶 Azure Function Armorblox 1 Armorblox
Atlassian Beacon Alerts 🔶 REST Pull API DEFEND Ltd. 1 Integration for Atlassian Beacon
Authomize Data Connector ⚠️ 🔶 REST Pull API Authomize 1 Authomize
Azure CloudNGFW By Palo Alto Networks 🔶 REST Pull API Palo Alto Networks 1 Azure Cloud NGFW By Palo Alto Networks
BETTER Mobile Threat Defense (MTD) 🔶 REST Pull API BETTER Mobile 4 BETTER Mobile Threat Defense (MTD)
Beyond Security beSECURE ⚠️ 🔍 🔶 REST Pull API Beyond Security 3 Beyond Security beSECURE
BeyondTrust PM Cloud Azure Function BeyondTrust 2 BeyondTrustPMCloud
Bitglass 🔶 Azure Function Bitglass 1 Bitglass
blacklens.io REST Pull API snapSEC GmbH 1 Blacklens
Bloodhound Enterprise Azure Function SpecterOps 1 BloodHound Enterprise
Cisco Cloud Security 🔶 Azure Function Cisco 12 CiscoUmbrella
Cisco Cloud Security (using elastic premium plan) 🔶 Azure Function Cisco 12 CiscoUmbrella
Cisco Duo Security 🔶 Azure Function Cisco 1 CiscoDuoSecurity
Cisco ETD 🔶 Azure Function Cisco 1 Cisco ETD
CITRIX SECURITY ANALYTICS 🔶 REST Pull API CITRIX 4 Citrix Analytics for Security
Cofense Intelligence Threat Indicators Ingestion ⚠️ 🔶 Azure Function Cofense 2 CofenseIntelligence
Cofense Triage Threat Indicators Ingestion ⚠️ 🔶 Azure Function Cofense 3 CofenseTriage
Cognni 🔶 REST Pull API Cognni 1 Cognni
Cohesity Azure Function Cohesity 1 CohesitySecurity
ContrastADR 🔍 🔶 Azure Function Contrast Security 2 ContrastADR
Corelight Connector Exporter 🔶 REST Pull API Corelight 108 Corelight
Cribl 🔶 REST Pull API Cribl 4 Cribl
CrowdStrike Falcon Adversary Intelligence Azure Function CrowdStrike 1 CrowdStrike Falcon Endpoint Protection
Cyber Blind Spot Integration 🔍 🔶 Azure Function CTM360 1 CTM360
CyberArkEPM 🔶 Azure Function CyberArk 1 CyberArkEPM
Cybersixgill Actionable Alerts Azure Function Cybersixgill 1 Cybersixgill-Actionable-Alerts
Cyjax Threat Intelligence IOC Connector ⚠️ Azure Function Cyjax 1 Cyjax
Cynerio Security Events 🔶 REST Pull API Cynerio 1 Cynerio
Darktrace Connector for Microsoft Sentinel REST API 🔶 REST Pull API Darktrace 1 Darktrace
Datawiza DAP 🔶 REST Pull API Datawiza 1 Datawiza
Derdack SIGNL4 🔶 REST Pull API Derdack 2 SIGNL4
Digital Shadows Searchlight 🔶 Azure Function Digital Shadows 1 Digital Shadows
Doppel Data Connector REST Pull API Doppel 1 Doppel
ESET Inspect 🔶 Azure Function ESET Netherlands 1 ESET Inspect
Exchange Security Insights On-Premises Collector 🔶 REST Pull API Microsoft 1 Microsoft Exchange Security - Exchange On-Premises
Exchange Security Insights Online Collector 🔶 Azure Function Microsoft 1 Microsoft Exchange Security - Exchange Online
F5 BIG-IP 🔶 REST Pull API F5 Networks 3 F5 Big-IP
Forcepoint DLP 🔍 🔶 REST Pull API Forcepoint 1 Forcepoint DLP
Forescout eyeInspect for OT Security ⚠️ 🔍 REST Pull API Forescout 2 Forescout eyeInspect for OT Security
Forescout Host Property Monitor 🔶 REST Pull API Forescout 3 ForescoutHostPropertyMonitor
Fortinet FortiNDR Cloud 🔶 Azure Function Fortinet 3 Fortinet FortiNDR Cloud
Garrison ULTRA Remote Logs REST Pull API Garrison 1 Garrison ULTRA
HackerView Intergration 🔍 🔶 Azure Function CTM360 1 CTM360
Holm Security Asset Data 🔶 Azure Function Holm Security 2 HolmSecurity
HYAS Protect 🔶 Azure Function HYAS 1 HYAS Protect
Imperva Cloud WAF 🔶 Azure Function Imperva 3 ImpervaCloudWAF
Infoblox Data Connector via REST API 🔶 Azure Function Infoblox 18 Infoblox
Infoblox SOC Insight Data Connector via REST API 🔶 REST Pull API Infoblox 1 Infoblox
InfoSecGlobal Data Connector 🔶 REST Pull API InfoSecGlobal 1 AgileSec Analytics Connector
JoeSandboxThreatIntelligence Azure Function Joe Security LLC 1 JoeSandbox
Lookout Cloud Security for Microsoft Sentinel 🔶 Azure Function Lookout 1 Lookout Cloud Security Platform for Microsoft Sentinel
Luminar IOCs and Leaked Credentials Azure Function Cognyte Technologies Israel Ltd 1 CognyteLuminar
MailGuard 365 🔍 🔶 REST Pull API MailGuard365 1 MailGuard 365
Microsoft Exchange HTTP Proxy Logs 🔶 REST Pull API Microsoft 1 Microsoft Exchange Security - Exchange On-Premises
Microsoft Exchange Message Tracking Logs 🔶 REST Pull API Microsoft 1 Microsoft Exchange Security - Exchange On-Premises
MuleSoft Cloudhub 🔶 Azure Function MuleSoft 1 Mulesoft
NC Protect 🔶 REST Pull API archTIS 1 NC Protect Data Connector
Netclean ProActive Incidents 🔶 REST Pull API NetClean Technologies 1 NetClean ProActive
Netskope 🔶 Azure Function Netskope 1 Netskope
Netskope Data Connector 🔶 Azure Function Netskope 17 Netskopev2
Netskope Web Transactions Data Connector 🔶 Azure Function Netskope 2 Netskopev2
Noname Security for Microsoft Sentinel 🔶 REST Pull API Noname Security 1 Noname API Security Solution for Microsoft Sentinel
NXLog AIX Audit 🔶 REST Pull API NXLog 1 NXLogAixAudit
NXLog BSM macOS 🔶 REST Pull API NXLog 1 NXLog BSM macOS
NXLog DNS Logs 🔶 REST Pull API NXLog 1 NXLogDNSLogs
NXLog FIM 🔶 REST Pull API NXLog 1 NXLog FIM
NXLog LinuxAudit 🔶 REST Pull API NXLog 1 NXLog LinuxAudit
Open Systems Data Connector 🔍 🔶 Azure Function Open Systems 4 Open Systems
Orca Security Alerts 🔶 REST Pull API Orca Security 1 Orca Security Alerts
Palo Alto Prisma Cloud CWPP (using REST API) 🔍 🔶 REST Pull API Microsoft 1 Palo Alto Prisma Cloud CWPP
PDNS Block Data Connector ⚠️ 🔍 🔶 Azure Function Nominet 1 PDNS Block Data Connector
Perimeter 81 Activity Logs 🔶 REST Pull API Perimeter 81 1 Perimeter 81
Prancer Data Connector 🔍 🔶 REST Pull API Prancer 1 Prancer PenSuiteAI Integration
Qualys VM KnowledgeBase 🔶 Azure Function Qualys 2 Qualys VM Knowledgebase
Rapid7 Insight Platform Vulnerability Management Reports 🔶 Azure Function Rapid7 2 Rapid7InsightVM
Red Canary Threat Detection 🔍 🔶 REST Pull API Red Canary 1 Red Canary
Rubrik Security Cloud data connector 🔶 Azure Function Rubrik, Inc 4 RubrikSecurityCloud
SaaS Security 🔶 REST Pull API Valence Security 1 Valence Security
SailPoint IdentityNow 🔶 Azure Function SailPoint 2 SailPointIdentityNow
Samsung Knox Asset Intelligence REST Pull API Samsung 6 Samsung Knox Asset Intelligence
SecurityScorecard Cybersecurity Ratings 🔶 Azure Function SecurityScorecard 1 SecurityScorecard Cybersecurity Ratings
SecurityScorecard Factor 🔶 Azure Function SecurityScorecard 1 SecurityScorecard Cybersecurity Ratings
SecurityScorecard Issue 🔶 Azure Function SecurityScorecard 1 SecurityScorecard Cybersecurity Ratings
SenservaPro (Preview) 🔶 REST Pull API Senserva 1 SenservaPro
Sevco Platform - Devices ⚠️ 🔶 REST Pull API Sevco Security 1 SevcoSecurity
SINEC Security Guard REST Pull API Siemens AG 1 SINEC Security Guard
SlashNext Function App 🔶 Azure Function SlashNext 2 SlashNext
Sonrai Data Connector 🔶 REST Pull API Sonrai 1 SonraiSecurity
Sophos Cloud Optix 🔶 REST Pull API Sophos 1 Sophos Cloud Optix
Squadra Technologies secRMM 🔶 REST Pull API Squadra Technologies 1 Squadra Technologies SecRmm
Symantec Integrated Cyber Defense Exchange 🔶 REST Pull API Symantec 1 Symantec Integrated Cyber Defense
Talon Insights 🔶 REST Pull API Talon Security 1 Talon
Tenable.io Vulnerability Management 🔶 Azure Function Tenable 2 TenableIO
TheHive Project - TheHive 🔍 🔶 Azure Function TheHive Project 1 TheHive
Theom 🔶 REST Pull API Theom 1 Theom
Transmit Security Connector 🔶 Azure Function TransmitSecurity 1 TransmitSecurity
Trend Micro Cloud App Security 🔶 Azure Function Trend Micro 1 Trend Micro Cloud App Security
Trend Vision One 🔶 Azure Function Trend Micro 4 Trend Micro Vision One
Varonis SaaS 🔶 Azure Function Varonis 1 VaronisSaaS
Veeam Data Connector (using Azure Functions) Azure Function Veeam 6 Veeam
VirtualMetric Director Proxy Azure Function VirtualMetric 1 VirtualMetric DataStream
VMRayThreatIntelligence Azure Function VMRay 1 VMRay
Wiz 🔶 Azure Function Wiz 6 Wiz
Workplace from Facebook Azure Function Facebook 1 Workplace from Facebook
ZeroFox CTI 🔶 Azure Function ZeroFox 20 ZeroFox
Zimperium Mobile Threat Defense 🔍 🔶 REST Pull API Zimperium 2 Zimperium Mobile Threat Defense
Zoom Reports Azure Function Zoom 1 ZoomReports

Deprecated Connectors 🚫

Connector Collection Method Publisher Tables Solution
🚫 [Deprecated] Atlassian Confluence Audit Azure Function Atlassian 1 AtlassianConfluenceAudit
🚫 [DEPRECATED] Atlassian Jira Audit (using Azure Function) Azure Function Atlassian 2 AtlassianJiraAudit
🚫 [DEPRECATED] Auth0 Logs (using Azure Function) Azure Function Auth0 1 Auth0
🚫 [DEPRECATED] Box Events (using Azure Function) Azure Function Box 2 Box
🚫 [DEPRECATED] Cisco Secure Endpoint (AMP) Azure Function Cisco 1 Cisco Secure Endpoint
🚫 [DEPRECATED] Cloudflare Azure Function Cloudflare 1 Cloudflare
🚫 [DEPRECATED] CrowdStrike Falcon Data Replicator (CrowdStrike Managed AWS-S3) (using Azure Function) Azure Function Crowdstrike 15 CrowdStrike Falcon Endpoint Protection
🚫 [DEPRECATED] Google ApigeeX Azure Function Google 1 Google Apigee
🚫 [DEPRECATED] Google Cloud Platform Cloud Monitoring Azure Function Google 1 Google Cloud Platform Cloud Monitoring
🚫 [DEPRECATED] Google Cloud Platform DNS Azure Function Google 1 GoogleCloudPlatformDNS
🚫 [DEPRECATED] Google Cloud Platform IAM Azure Function Google 1 GoogleCloudPlatformIAM
🚫 [DEPRECATED] Google Workspace (G Suite) Azure Function Google 22 GoogleWorkspaceReports
🚫 [DEPRECATED] IONIX Security Logs (Push) REST Pull API IONIX 1 IONIX
🚫 [DEPRECATED] Lookout Azure Function Lookout 1 Lookout
🚫 [DEPRECATED] Okta Single Sign-On (using Azure Function) Azure Function Okta 1 Okta Single Sign-On
🚫 [DEPRECATED] OneLogin IAM Platform Azure Function OneLogin 3 OneLoginIAM
🚫 [DEPRECATED] Oracle Cloud Infrastructure Azure Function Oracle 1 Oracle Cloud Infrastructure
🚫 [DEPRECATED] Palo Alto Prisma Cloud CSPM Azure Function Palo Alto 2 PaloAltoPrismaCloud
🚫 [Deprecated] Proofpoint On Demand Email Security Azure Function Proofpoint 6 Proofpoint On demand(POD) Email Security
🚫 [Deprecated] Proofpoint TAP Azure Function Proofpoint 4 ProofPointTap
🚫 [DEPRECATED] Qualys Vulnerability Management Azure Function Qualys 2 QualysVM
🚫 [DEPRECATED] Salesforce Service Cloud Azure Function Salesforce 2 Salesforce Service Cloud
🚫 [DEPRECATED] SentinelOne (using Azure Function) Azure Function SentinelOne 6 SentinelOne
🚫 [DEPRECATED] Slack Audit Azure Function Slack 3 SlackAudit
🚫 [DEPRECATED] Snowflake Azure Function Snowflake 1 Snowflake
🚫 [DEPRECATED] Sophos Endpoint Protection (using Azure Function) Azure Function Sophos 1 Sophos Endpoint Protection
🚫 [DEPRECATED] VMware Carbon Black Cloud (using Azure Function) Azure Function VMware 3 VMware Carbon Black Cloud
🚫 Mimecast Intelligence for Microsoft - Microsoft Sentinel Azure Function Mimecast 1 MimecastTIRegional
🚫 Mimecast Secure Email Gateway Azure Function Mimecast 2 MimecastSEG

🚫 Deprecated: This connector has been deprecated and may be removed in future versions.

⚠️ Unpublished: This item is from a solution that is not yet published on Azure Marketplace or not installed in Content Hub.

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊

Back to Methods Index