SOC Prime Audit CCP
Solution: SOC Prime CCF
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
| Attribute | Value |
|---|---|
| Publisher | SOC Prime |
| Support Tier | Partner |
| Support Link | https://socprime.com/ |
| Categories | domains |
| Version | 3.0.1 |
| Author | SOC Prime - support@socprime.com |
| First Published | 2025-09-25 |
| Last Updated | 2026-01-07 |
| Solution Folder | SOC Prime CCF |
| Marketplace | Azure Marketplace · Popularity: ⚪ Very Low (0%) |
The SOC Prime Audit Logs data connector allows ingesting logs from the SOC Prime Platform API into Microsoft Sentinel. The data connector is built on Microsoft Sentinel Codeless Connector Platform. It uses the SOC Prime Platform API to fetch SOC Prime platform audit logs and it supports DCR-based ingestion time transformations that parses the received security data into a custom table, thus resulting in better performance.
Contents
Data Connectors
This solution provides 1 data connector(s):
Tables Used
This solution uses 1 table(s):
| Table | Used By Connectors | Used By Content |
|---|---|---|
SOCPrimeAuditLogs_CL |
SOC Prime Platform Audit Logs Data Connector | Analytics |
Content Items
This solution includes 3 content item(s):
| Content Type | Count |
|---|---|
| Analytic Rules | 3 |
Analytic Rules
| Name | Severity | Tactics | Tables Used |
|---|---|---|---|
| Deleted a Custom Field Mapping profile | Medium | DefenseEvasion | SOCPrimeAuditLogs_CL |
| Deleted a Tenant | Medium | DefenseEvasion | SOCPrimeAuditLogs_CL |
| Successful logins to SOC Prime platform from bad IP addresses | Medium | InitialAccess | SOCPrimeAuditLogs_CL |
Release Notes
| Version | Date Modified (DD-MM-YYYY) | Change History |
|---|---|---|
| 3.0.1 | 16-02-2026 | New Analytic Rules were added. |
| 3.0.0 | 24-11-2025 | Initial Solution Release. |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊